Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,139 advisories

Loading
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of... Moderate Unreviewed
CVE-2020-12712 was published May 24, 2022
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN... High Unreviewed
CVE-2019-15311 was published May 24, 2022
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly... Moderate Unreviewed
CVE-2020-1259 was published May 24, 2022
BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that... Low Unreviewed
CVE-2019-18256 was published May 24, 2022
Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other... Moderate Unreviewed
CVE-2020-13261 was published May 24, 2022
An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks... High Unreviewed
CVE-2019-20881 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14426 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14428 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14431 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Moderate Unreviewed
CVE-2020-14429 was published May 24, 2022
In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could... Moderate Unreviewed
CVE-2020-14470 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.0 through 6.2.7.17, 7.0.0.0 through 7.0.5.12, 7.1.0.0 through 7... Moderate Unreviewed
CVE-2022-40751 was published Nov 17, 2022
Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects... Low Unreviewed
CVE-2020-14427 was published May 24, 2022
A credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3... High Unreviewed
CVE-2022-41575 was published Oct 21, 2022
An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. The... Moderate Unreviewed
CVE-2020-13835 was published May 24, 2022
An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and WL-WN575A3 - RPT75A3.V4300... Moderate Unreviewed
CVE-2020-10974 was published May 24, 2022
An issue was discovered in Foxit PhantomPDF before 8.3.10. It has mishandling of cloud... Moderate Unreviewed
CVE-2019-20833 was published May 24, 2022
BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. Moderate Unreviewed
CVE-2019-19218 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate... Moderate Unreviewed
CVE-2020-4232 was published May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by... Moderate Unreviewed
CVE-2020-13414 was published May 24, 2022
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users... Moderate Unreviewed
CVE-2020-13154 was published May 24, 2022
Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding... High Unreviewed
CVE-2019-13022 was published May 24, 2022
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the... Moderate Unreviewed
CVE-2019-13023 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices, affecting /cgi-bin... Moderate Unreviewed
CVE-2020-10973 was published May 24, 2022
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. A page is exposed... Moderate Unreviewed
CVE-2020-10972 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database