Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

423 advisories

Loading
The Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems... Critical Unreviewed
CVE-2020-35468 was published May 24, 2022
The FullArmor HAPI File Share Mount Docker image through 2020-12-14 contains a blank password for... Critical Unreviewed
CVE-2020-35465 was published May 24, 2022
The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root... Critical Unreviewed
CVE-2020-35469 was published May 24, 2022
The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35467 was published May 24, 2022
Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35462 was published May 24, 2022
Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35464 was published May 24, 2022
The Blackfire Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed
CVE-2020-35466 was published May 24, 2022
The official sonarqube docker images before alpine (Alpine specific) contain a blank password for... Critical Unreviewed
CVE-2020-35193 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Critical Unreviewed
CVE-2020-25228 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on... Critical Unreviewed
CVE-2020-7540 was published May 24, 2022
The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.... Critical Unreviewed
CVE-2020-29389 was published May 24, 2022
A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and... Critical Unreviewed
CVE-2020-7561 was published May 24, 2022
A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an... Critical Unreviewed
CVE-2020-3531 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12500 was published May 24, 2022
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders... Critical Unreviewed
CVE-2020-24217 was published May 24, 2022
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an... Critical Unreviewed
CVE-2020-12506 was published May 24, 2022
Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an... Critical Unreviewed
CVE-2020-12505 was published May 24, 2022
Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows... Critical Unreviewed
CVE-2020-15851 was published May 24, 2022
It is possible to enumerate access card credentials via an unauthenticated network connection to... Critical Unreviewed
CVE-2020-16098 was published May 24, 2022
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to... Critical Unreviewed
CVE-2020-7115 was published May 24, 2022
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication... Critical Unreviewed
CVE-2020-6207 was published May 24, 2022
SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from... Critical Unreviewed
CVE-2020-6198 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Critical Unreviewed
CVE-2019-18339 was published May 24, 2022
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Critical Unreviewed
CVE-2019-5644 was published May 24, 2022
In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow... Critical Unreviewed
CVE-2019-18465 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database