Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of... High Unreviewed
CVE-2019-5163 was published May 24, 2022
The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows... High Unreviewed
CVE-2019-16731 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2019-17146 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions), SCALANCE X... High Unreviewed
CVE-2019-13933 was published May 24, 2022
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated... High Unreviewed
CVE-2019-16893 was published May 24, 2022
The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to... High Unreviewed
CVE-2019-16258 was published May 24, 2022
A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.7.8 (build... High Unreviewed
CVE-2020-9004 was published May 24, 2022
An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its... High Unreviewed
CVE-2019-12524 was published May 24, 2022
The web server in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway allows... High Unreviewed
CVE-2019-19104 was published May 24, 2022
ABB MicroSCADA Pro SYS600 version 9.3 suffers from an instance of CWE-306: Missing Authentication... High Unreviewed
CVE-2019-5620 was published May 24, 2022
TeamPass files are available without authentication High
CVE-2020-12478 was published for nilsteampassnet/teampass (Composer) May 24, 2022
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.x,... High Unreviewed
CVE-2020-6242 was published May 24, 2022
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a... High Unreviewed
CVE-2019-18666 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests. High Unreviewed
CVE-2020-15335 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests. High Unreviewed
CVE-2020-15336 was published May 24, 2022
The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version... High Unreviewed
CVE-2020-10282 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
Microweber Discloses Sensitive Information High
CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port... High Unreviewed
CVE-2020-15483 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and... High Unreviewed
CVE-2020-27986 was published May 24, 2022
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and... High Unreviewed
CVE-2020-10291 was published May 24, 2022
A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an... High Unreviewed
CVE-2020-3392 was published May 24, 2022
Improper Authentication vulnerability in Gallagher Command Centre Server allows an... High Unreviewed
CVE-2020-16102 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24580 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database