Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

394 advisories

Loading
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5... High Unreviewed
CVE-2021-20662 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A... High Unreviewed
CVE-2020-26192 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default... High Unreviewed
CVE-2020-10537 was published May 24, 2022
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a... High Unreviewed
CVE-2021-25312 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... High Unreviewed
CVE-2020-15799 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24580 was published May 24, 2022
Improper Authentication vulnerability in Gallagher Command Centre Server allows an... High Unreviewed
CVE-2020-16102 was published May 24, 2022
A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an... High Unreviewed
CVE-2020-3392 was published May 24, 2022
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and... High Unreviewed
CVE-2020-10291 was published May 24, 2022
** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and... High Unreviewed
CVE-2020-27986 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port... High Unreviewed
CVE-2020-15483 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version... High Unreviewed
CVE-2020-10282 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests. High Unreviewed
CVE-2020-15335 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests. High Unreviewed
CVE-2020-15336 was published May 24, 2022
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a... High Unreviewed
CVE-2019-18666 was published May 24, 2022
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.x,... High Unreviewed
CVE-2020-6242 was published May 24, 2022
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication... High Unreviewed
CVE-2019-5620 was published May 24, 2022
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows... High Unreviewed
CVE-2019-19104 was published May 24, 2022
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its... High Unreviewed
CVE-2019-12524 was published May 24, 2022
A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build... High Unreviewed
CVE-2020-9004 was published May 24, 2022
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to... High Unreviewed
CVE-2019-16258 was published May 24, 2022
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated... High Unreviewed
CVE-2019-16893 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions), SCALANCE X... High Unreviewed
CVE-2019-13933 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database