Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,245 advisories

Loading
Zoho ManageEngine Applications Manager 14590 and before allows a remote unauthenticated attacker... Moderate Unreviewed
CVE-2019-19799 was published May 24, 2022
Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via a simple... Moderate Unreviewed
CVE-2019-15654 was published May 24, 2022
D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted ... Moderate Unreviewed
CVE-2019-15655 was published May 24, 2022
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to... High Unreviewed
CVE-2019-16258 was published May 24, 2022
auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a... Moderate Unreviewed
CVE-2020-10807 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14... Moderate Unreviewed
CVE-2020-7479 was published May 24, 2022
UltraLog Express device management interface does not properly perform access authentication in... Moderate Unreviewed
CVE-2020-3920 was published May 24, 2022
Zoho ManageEngine Desktop Central allows unauthenticated users to access PDFGenerationServlet,... Moderate Unreviewed
CVE-2020-8509 was published May 24, 2022
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC).... Low Unreviewed
CVE-2019-19092 was published May 24, 2022
CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to... Moderate Unreviewed
CVE-2020-10264 was published May 24, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
SAP Solution Manager (Diagnostics Agent), version 7.2, does not perform the authentication check... Moderate Unreviewed
CVE-2020-6235 was published May 24, 2022
A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build... High Unreviewed
CVE-2020-9004 was published May 24, 2022
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its... High Unreviewed
CVE-2019-12524 was published May 24, 2022
Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key... Moderate Unreviewed
CVE-2020-11946 was published May 24, 2022
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows... High Unreviewed
CVE-2019-19104 was published May 24, 2022
An issue was discovered on WAVLINK WL-WN579G3 M79X3.V5030.180719, WL-WN575A3 RPT75A3.V4300.180801... Moderate Unreviewed
CVE-2020-12266 was published May 24, 2022
An unprotected logging route may allow an attacker to write endless log statements into the... Moderate Unreviewed
CVE-2020-10641 was published May 24, 2022
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication... High Unreviewed
CVE-2019-5620 was published May 24, 2022
SaltStack Salt Unauthenticated Remote Code Execution Critical
CVE-2020-11651 was published for salt (pip) May 24, 2022
TeamPass files are available without authentication High
CVE-2020-12478 was published for nilsteampassnet/teampass (Composer) May 24, 2022
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain... Moderate Unreviewed
CVE-2020-12117 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin... Moderate Unreviewed
CVE-2020-10973 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed... Moderate Unreviewed
CVE-2020-10972 was published May 24, 2022
An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300... Moderate Unreviewed
CVE-2020-10974 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database