Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Loading
homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH keys within downloadable and... High Unreviewed
CVE-2020-24396 was published May 24, 2022
A local file inclusion vulnerability in the FileServlet in all SearchBlox before 9.2.2 allows... High Unreviewed
CVE-2020-35580 was published May 24, 2022
In multiple managed switches by WAGO in different versions it is possible to read out the... High Unreviewed
CVE-2021-20997 was published May 24, 2022
An issue was discovered in SolarWinds Serv-U before 15.2.2. Unauthenticated attackers can... High Unreviewed
CVE-2021-3154 was published May 24, 2022
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),... High Unreviewed
CVE-2021-27392 was published May 24, 2022
An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Authentication to the... High Unreviewed
CVE-2020-11925 was published May 24, 2022
MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp... High Unreviewed
CVE-2021-29255 was published May 24, 2022
A vulnerability in the CLI command permissions of Cisco IOS and Cisco IOS XE Software could allow... High Unreviewed
CVE-2021-1392 was published May 24, 2022
In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is stored in a recoverable... High Unreviewed
CVE-2021-3141 was published May 24, 2022
The Taidii Diibear Android application 2.4.0 and all its derivatives allow attackers to obtain... High Unreviewed
CVE-2020-35455 was published May 24, 2022
KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect access control. Credentials... High Unreviewed
CVE-2021-3252 was published May 24, 2022
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 stores authentication... High Unreviewed
CVE-2021-27187 was published May 24, 2022
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An... High Unreviewed
CVE-2020-14246 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. Authentication is not... High Unreviewed
CVE-2020-13856 was published May 24, 2022
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs... High Unreviewed
CVE-2019-20470 was published May 24, 2022
The API in the Push extension for MediaWiki through 1.35 used cleartext for ApiPush credentials,... High Unreviewed
CVE-2020-29005 was published May 24, 2022
The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the... High Unreviewed
CVE-2021-3131 was published May 24, 2022
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by... High Unreviewed
CVE-2020-6882 was published May 24, 2022
An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. Due to improper... High Unreviewed
CVE-2020-35623 was published May 24, 2022
Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an... High Unreviewed
CVE-2020-29583 was published May 24, 2022
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are... High Unreviewed
CVE-2020-24680 was published May 24, 2022
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila,... High Unreviewed
CVE-2020-27781 was published May 24, 2022
AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux,... High Unreviewed
CVE-2019-14483 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25235 was published May 24, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA... High Unreviewed
CVE-2020-28219 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database