Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,162 advisories

Loading
Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt,... Moderate Unreviewed
CVE-2020-9062 was published May 24, 2022
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the... Moderate Unreviewed
CVE-2019-5591 was published May 24, 2022
Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on... Moderate Unreviewed
CVE-2020-6294 was published May 24, 2022
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an... Moderate Unreviewed
CVE-2020-15894 was published May 24, 2022
In all versions of FactoryTalk View SEA remote, an authenticated attacker may be able to utilize... Moderate Unreviewed
CVE-2020-12028 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version... High Unreviewed
CVE-2020-10282 was published May 24, 2022
openSIS through 7.4 has Incorrect Access Control. Moderate Unreviewed
CVE-2020-13382 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests. High Unreviewed
CVE-2020-15336 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests. High Unreviewed
CVE-2020-15335 was published May 24, 2022
D-link DSL-2750U ISL2750UEME3.V1E devices allow approximately 90 seconds of access to the control... Moderate Unreviewed
CVE-2020-13150 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (incl. SIPLUS variants) (All versions). The... Moderate Unreviewed
CVE-2020-7589 was published May 24, 2022
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path... Moderate Unreviewed
CVE-2020-10754 was published May 24, 2022
The ClearPass Policy Manager web interface is affected by a vulnerability that leads to... Critical Unreviewed
CVE-2020-7115 was published May 24, 2022
A vulnerability in the API of Cisco Application Services Engine Software could allow an... Moderate Unreviewed
CVE-2020-3333 was published May 24, 2022
A vulnerability in the key store of Cisco Application Services Engine Software could allow an... Moderate Unreviewed
CVE-2020-3335 was published May 24, 2022
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a... High Unreviewed
CVE-2019-18666 was published May 24, 2022
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.x,... High Unreviewed
CVE-2020-6242 was published May 24, 2022
An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300... Moderate Unreviewed
CVE-2020-10974 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed... Moderate Unreviewed
CVE-2020-10972 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin... Moderate Unreviewed
CVE-2020-10973 was published May 24, 2022
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain... Moderate Unreviewed
CVE-2020-12117 was published May 24, 2022
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication... High Unreviewed
CVE-2019-5620 was published May 24, 2022
An unprotected logging route may allow an attacker to write endless log statements into the... Moderate Unreviewed
CVE-2020-10641 was published May 24, 2022
An issue was discovered on WAVLINK WL-WN579G3 M79X3.V5030.180719, WL-WN575A3 RPT75A3.V4300.180801... Moderate Unreviewed
CVE-2020-12266 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database