GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
47 advisories
Filter by severity
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The password for the...
Critical
Unreviewed
CVE-2021-43036
was published
Dec 7, 2021
The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access...
Critical
Unreviewed
CVE-2022-1039
was published
Apr 21, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to...
Critical
Unreviewed
CVE-2019-7674
was published
May 13, 2022
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "user" account has a blank...
Critical
Unreviewed
CVE-2019-9123
was published
May 13, 2022
Open Dental before version 18.4 installs a mysql database and uses the default credentials of ...
Critical
Unreviewed
CVE-2018-15719
was published
May 13, 2022
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and...
Critical
Unreviewed
CVE-2017-16727
was published
May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong...
Critical
Unreviewed
CVE-2017-1196
was published
May 13, 2022
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have...
Critical
Unreviewed
CVE-2017-1221
was published
May 13, 2022
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting...
Critical
Unreviewed
CVE-2017-12861
was published
May 13, 2022
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can...
Critical
Unreviewed
CVE-2017-14189
was published
May 13, 2022
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not...
Critical
Unreviewed
CVE-2017-1601
was published
May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a...
Critical
Unreviewed
CVE-2017-9853
was published
May 13, 2022
Baseon Lantronix MSS devices do not require a password for TELNET access.
Critical
Unreviewed
CVE-2018-12925
was published
May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have...
Critical
Unreviewed
CVE-2018-1372
was published
May 13, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical
Unreviewed
CVE-2018-19064
was published
May 13, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
Critical
Unreviewed
CVE-2022-1775
was published
May 21, 2022
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud...
Critical
Unreviewed
CVE-2019-9950
was published
May 24, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1)....
Critical
Unreviewed
CVE-2019-13918
was published
May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability....
Critical
Unreviewed
CVE-2019-3758
was published
May 24, 2022
Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating...
Critical
Unreviewed
CVE-2020-26201
was published
May 24, 2022
Versions of the Official teamspeak Docker images through 3.6.0 contain a blank password for the...
Critical
Unreviewed
CVE-2020-29590
was published
May 24, 2022
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the...
Critical
Unreviewed
CVE-2020-29591
was published
May 24, 2022
A weak password requirement vulnerability exists in the Create New User function of MintHCM...
Critical
Unreviewed
CVE-2021-25839
was published
May 24, 2022
An access control vulnerability in Hame SD1 Wi-Fi firmware <=V.20140224154640 allows an attacker...
Critical
Unreviewed
CVE-2021-26797
was published
May 24, 2022
IBM Security Guardium 11.2 does not require that users should have strong passwords by default,...
Critical
Unreviewed
CVE-2021-20418
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API