GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,086
Maven: 5,000+
npm: 3,747
NuGet: 674
pip: 3,436
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
351 advisories

Exposure of repository credentials to external third-party sources in Rancher
High | CVE-2021-36778 was published for github.com/rancher/rancher (Go) | May 2, 2022

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)...
High | Unreviewed | CVE-2019-5534 was published | May 24, 2022

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j)...
High | Unreviewed | CVE-2019-5532 was published | May 24, 2022

Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable...
High | Unreviewed | CVE-2019-10210 was published | May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API.
High | Unreviewed | CVE-2020-15341 was published | Sep 30, 2022

The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance products prior to...
High | Unreviewed | CVE-2019-18572 was published | May 24, 2022

Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102...
High | Unreviewed | CVE-2019-19843 was published | May 24, 2022

Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented...
High | Unreviewed | CVE-2020-9023 was published | May 24, 2022

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials....
High | Unreviewed | CVE-2022-45423 was published | Dec 27, 2022

Bond JetSelect (all versions) has an issue in the Java class (ENCtool.jar) and corresponding...
High | Unreviewed | CVE-2019-13022 was published | May 24, 2022

A credential-exposure vulnerability in the support-bundle mechanism in Gradle Enterprise 2022.3...
High | Unreviewed | CVE-2022-41575 was published | Oct 21, 2022

An issue was discovered in Mattermost Server before 5.8.0. It mishandles brute-force attacks...
High | Unreviewed | CVE-2019-20881 was published | May 24, 2022

An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN...
High | Unreviewed | CVE-2019-15311 was published | May 24, 2022

An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus...
High | Unreviewed | CVE-2020-16134 was published | May 24, 2022

An issue was discovered on Nescomed Multipara Monitor M1000 devices. The device enables an...
High | Unreviewed | CVE-2020-15482 was published | May 24, 2022

Jenkins Configuration as Code Plugin has Insufficiently Protected Credentials
High | CVE-2018-1000610 was published for io.jenkins:configuration-as-code (Maven) | May 13, 2022

Jenkins AWS CodePipeline Plugin has Insufficiently Protected Credentials
High | CVE-2018-1000401 was published for com.amazonaws:aws-codepipeline (Maven) | May 13, 2022

Insufficiently Protected Credentials in Jenkins AWS CodeBuild Plugin
High | CVE-2018-1000404 was published for com.amazonaws:aws-codebuild (Maven) | May 13, 2022

On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented,...
High | Unreviewed | CVE-2019-20033 was published | May 24, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
High | Unreviewed | CVE-2020-26900 was published | May 24, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
High | Unreviewed | CVE-2020-26897 was published | May 24, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
High | Unreviewed | CVE-2020-26905 was published | May 24, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
High | Unreviewed | CVE-2020-26904 was published | May 24, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
High | Unreviewed | CVE-2020-26903 was published | May 24, 2022

Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0...
High | Unreviewed | CVE-2020-12333 was published | May 24, 2022

ProTip! Advisories are also available from the GraphQL API.