GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
361 advisories
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were...
Moderate, Unreviewed. CVE-2020-11694 was published May 24, 2022

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the...
Moderate, Unreviewed. CVE-2020-11557 was published May 24, 2022

Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password...
Moderate, Unreviewed. CVE-2020-10965 was published May 24, 2022

An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated...
Moderate, Unreviewed. CVE-2020-9425 was published May 24, 2022

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via a simple...
Moderate, Unreviewed. CVE-2019-15654 was published May 24, 2022

D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted ...
Moderate, Unreviewed. CVE-2019-15655 was published May 24, 2022

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via an insecure...
Moderate, Unreviewed. CVE-2019-15653 was published May 24, 2022

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480...
Moderate, Unreviewed. CVE-2019-9104 was published May 24, 2022

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480...
Moderate, Unreviewed. CVE-2019-9095 was published May 24, 2022

ARRIS TG1692A devices allow remote attackers to discover the administrator login name and...
Moderate, Unreviewed. CVE-2020-9476 was published May 24, 2022

If a user saved passwords before Thunderbird 60 and then later set a master password, an...
Moderate, Unreviewed. CVE-2020-6794 was published May 24, 2022

The issue was addressed with improved UI handling. This issue is fixed in iOS 13.3.1 and iPadOS...
Moderate, Unreviewed. CVE-2020-3841 was published May 24, 2022

In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.
Moderate, Unreviewed. CVE-2020-9337 was published May 24, 2022

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or...
Moderate, Unreviewed. CVE-2020-9330 was published May 24, 2022

The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes...
Moderate, Unreviewed. CVE-2020-8988 was published May 24, 2022

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded...
Moderate, Unreviewed. CVE-2020-8657 was published May 24, 2022

The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some...
Moderate, Unreviewed. CVE-2020-5182 was published May 24, 2022

An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine...
Moderate, Unreviewed. CVE-2020-8422 was published May 24, 2022

In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages.
Moderate, Unreviewed. CVE-2020-7908 was published May 24, 2022

A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where...
Moderate, Unreviewed. CVE-2019-19696 was published May 24, 2022

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An...
Moderate, Unreviewed. CVE-2019-19857 was published May 24, 2022

An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by...
Moderate, Unreviewed. CVE-2020-6954 was published May 24, 2022

An information exposure vulnerability in the external authentication profile form of FortiSIEM 5...
Moderate, Unreviewed. CVE-2019-6700 was published May 24, 2022

USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600;...
Moderate, Unreviewed. CVE-2020-1871 was published May 24, 2022

A flaw was found in the way Red Hat Quay stores robot account tokens in plain text. An attacker...
Moderate, Unreviewed. CVE-2019-10205 was published May 24, 2022