GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,031
Composer 4,303
Erlang 31
GitHub Actions 21
Go 2,072
Maven 5,246
npm 3,744
NuGet 669
pip 3,430
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,693

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

334 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port... Critical Unreviewed

CVE-2019-10919 was published May 24, 2022

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be... Critical Unreviewed

CVE-2019-13101 was published May 24, 2022

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows... Critical Unreviewed

CVE-2019-13547 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed

CVE-2022-35865 was published Aug 4, 2022

An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the... Critical Unreviewed

CVE-2022-44001 was published Nov 18, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an... Critical Unreviewed

CVE-2020-12506 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12500 was published May 24, 2022

It is possible to enumerate access card credentials via an unauthenticated network connection to... Critical Unreviewed

CVE-2020-16098 was published May 24, 2022

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows... Critical Unreviewed

CVE-2020-15851 was published May 24, 2022

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an... Critical Unreviewed

CVE-2020-12505 was published May 24, 2022

The Appbase streams Docker image 2.1.2 contains a blank password for the root user. Systems... Critical Unreviewed

CVE-2020-35468 was published May 24, 2022

The official sonarqube docker images before alpine (Alpine specific) contain a blank password for... Critical Unreviewed

CVE-2020-35193 was published May 24, 2022

Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user... Critical Unreviewed

CVE-2020-35463 was published May 24, 2022

The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific)... Critical Unreviewed

CVE-2020-35196 was published May 24, 2022

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders... Critical Unreviewed

CVE-2020-24217 was published May 24, 2022

The official influxdb docker images before 1.7.3-meta-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35194 was published May 24, 2022

The official telegraf docker images before 1.9.4-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35187 was published May 24, 2022

The official composer docker images before 1.8.3 contain a blank password for a root user. System... Critical Unreviewed

CVE-2020-35184 was published May 24, 2022

The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35191 was published May 24, 2022

A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an... Critical Unreviewed

CVE-2020-3531 was published May 24, 2022

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.... Critical Unreviewed

CVE-2020-29389 was published May 24, 2022

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on... Critical Unreviewed

CVE-2020-7540 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Critical Unreviewed

CVE-2020-25228 was published May 24, 2022

The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user.... Critical Unreviewed

CVE-2020-35186 was published May 24, 2022

The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password... Critical Unreviewed

CVE-2020-35185 was published May 24, 2022

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

334 advisories