GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,185

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

953 advisories

Filter by severity

Sort by

Least recently updated

The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user.... Critical Unreviewed

CVE-2020-35467 was published May 24, 2022

The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password... Critical Unreviewed

CVE-2020-35185 was published May 24, 2022

The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user.... Critical Unreviewed

CVE-2020-35186 was published May 24, 2022

The official chronograf docker images before 1.7.7-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35188 was published May 24, 2022

SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The communication protocol of the... Moderate Unreviewed

CVE-2020-27272 was published May 24, 2022

The FullArmor HAPI File Share Mount Docker image through 2020-12-14 contains a blank password for... Critical Unreviewed

CVE-2020-35465 was published May 24, 2022

Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user.... Critical Unreviewed

CVE-2020-35462 was published May 24, 2022

Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user.... Critical Unreviewed

CVE-2020-35464 was published May 24, 2022

The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root... Critical Unreviewed

CVE-2020-35469 was published May 24, 2022

An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is... Critical Unreviewed

CVE-2020-29551 was published May 24, 2022

The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be... Critical Unreviewed

CVE-2020-27285 was published May 24, 2022

Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing... Critical Unreviewed

CVE-2021-22652 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A... High Unreviewed

CVE-2020-26192 was published May 24, 2022

An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated... High Unreviewed

CVE-2022-36604 was published Sep 2, 2022

The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password... Critical Unreviewed

CVE-2020-35189 was published May 24, 2022

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a... Critical Unreviewed

CVE-2020-35190 was published May 24, 2022

The official vault docker images before 0.11.6 contain a blank password for a root user. System... Critical Unreviewed

CVE-2020-35192 was published May 24, 2022

The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35195 was published May 24, 2022

The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank... Critical Unreviewed

CVE-2020-35197 was published May 24, 2022

Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5... High Unreviewed

CVE-2021-20662 was published May 24, 2022

An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require... High Unreviewed

CVE-2019-25020 was published May 24, 2022

An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive... Critical Unreviewed

CVE-2021-26705 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could... Moderate Unreviewed

CVE-2021-1499 was published May 24, 2022

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,... Critical Unreviewed

CVE-2020-36333 was published May 24, 2022

IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for... Critical Unreviewed

CVE-2020-4958 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

953 advisories