Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the... Critical Unreviewed
CVE-2021-43036 was published Dec 7, 2021
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access... Critical Unreviewed
CVE-2022-1039 was published Apr 21, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to... Critical Unreviewed
CVE-2019-7674 was published May 13, 2022
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank... Critical Unreviewed
CVE-2019-9123 was published May 13, 2022
Open Dental before version 18.4 installs a mysql database and uses the default credentials of ... Critical Unreviewed
CVE-2018-15719 was published May 13, 2022
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and... Critical Unreviewed
CVE-2017-16727 was published May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong... Critical Unreviewed
CVE-2017-1196 was published May 13, 2022
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have... Critical Unreviewed
CVE-2017-1221 was published May 13, 2022
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting... Critical Unreviewed
CVE-2017-12861 was published May 13, 2022
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can... Critical Unreviewed
CVE-2017-14189 was published May 13, 2022
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not... Critical Unreviewed
CVE-2017-1601 was published May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a... Critical Unreviewed
CVE-2017-9853 was published May 13, 2022
Weak Password Requirements in UnboundID LDAP SDK Critical
CVE-2018-1000134 was published for com.unboundid:unboundid-ldapsdk (Maven) May 13, 2022
Baseon Lantronix MSS devices do not require a password for TELNET access. Critical Unreviewed
CVE-2018-12925 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have... Critical Unreviewed
CVE-2018-1372 was published May 13, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19064 was published May 13, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Critical Unreviewed
CVE-2022-1775 was published May 21, 2022
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud... Critical Unreviewed
CVE-2019-9950 was published May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1).... Critical Unreviewed
CVE-2019-13918 was published May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.... Critical Unreviewed
CVE-2019-3758 was published May 24, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating... Critical Unreviewed
CVE-2020-26201 was published May 24, 2022
Versions of the Official teamspeak Docker images through 3.6.0 contain a blank password for the... Critical Unreviewed
CVE-2020-29590 was published May 24, 2022
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the... Critical Unreviewed
CVE-2020-29591 was published May 24, 2022
A weak password requirement vulnerability exists in the Create New User function of MintHCM... Critical Unreviewed
CVE-2021-25839 was published May 24, 2022
An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.20140224154640 allows an attacker... Critical Unreviewed
CVE-2021-26797 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database