GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,162 advisories
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows...
High | Unreviewed | CVE-2019-19104 was published May 24, 2022

Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key...
Moderate | Unreviewed | CVE-2020-11946 was published May 24, 2022

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its...
High | Unreviewed | CVE-2019-12524 was published May 24, 2022

A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build...
High | Unreviewed | CVE-2020-9004 was published May 24, 2022

SAP Solution Manager (Diagnostics Agent), version 7.2, does not perform the authentication check...
Moderate | Unreviewed | CVE-2020-6235 was published May 24, 2022

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or...
Moderate | Unreviewed | CVE-2020-3952 was published May 24, 2022

CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to...
Moderate | Unreviewed | CVE-2020-10264 was published May 24, 2022

ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC)....
Low | Unreviewed | CVE-2019-19092 was published May 24, 2022

Zoho ManageEngine Desktop Central allows unauthenticated users to access PDFGenerationServlet,...
Moderate | Unreviewed | CVE-2020-8509 was published May 24, 2022

UltraLog Express device management interface does not properly perform access authentication in...
Moderate | Unreviewed | CVE-2020-3920 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14...
Moderate | Unreviewed | CVE-2020-7479 was published May 24, 2022

auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a...
Moderate | Unreviewed | CVE-2020-10807 was published May 24, 2022

The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to...
High | Unreviewed | CVE-2019-16258 was published May 24, 2022

D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted ...
Moderate | Unreviewed | CVE-2019-15655 was published May 24, 2022

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via a simple...
Moderate | Unreviewed | CVE-2019-15654 was published May 24, 2022

Zoho ManageEngine Applications Manager 14590 and before allows a remote unauthenticated attacker...
Moderate | Unreviewed | CVE-2019-19799 was published May 24, 2022

Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information...
Moderate | Unreviewed | CVE-2019-13194 was published May 24, 2022

SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication...
Critical | Unreviewed | CVE-2020-6207 was published May 24, 2022

SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from...
Critical | Unreviewed | CVE-2020-6198 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19226 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19225 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19224 was published May 24, 2022

VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2...
Moderate | Unreviewed | CVE-2015-5201 was published May 24, 2022

The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated...
High | Unreviewed | CVE-2019-16893 was published May 24, 2022

TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a...
Moderate | Unreviewed | CVE-2019-19143 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.