GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+

130 advisories

A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access...
High | Unreviewed | CVE-2019-7476 was published May 24, 2022

An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main...
High | Unreviewed | CVE-2018-20052 was published May 24, 2022

In the configuration of NFC modules on certain devices, there is a possible failure to...
High | Unreviewed | CVE-2019-2041 was published May 24, 2022

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS...
High | Unreviewed | CVE-2022-24287 was published May 21, 2022

The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a...
High | Unreviewed | CVE-2014-0234 was published May 17, 2022

OpenStack Nova uses insecure keystone middleware tmpdir by default
Moderate | CVE-2013-2030 was published for python-keystoneclient (pip) May 17, 2022

dcc_curr_list is initialized with a default invalid value that is expected to be programmed by...
High | Unreviewed | CVE-2018-5841 was published May 13, 2022

An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a...
Critical | Unreviewed | CVE-2018-5770 was published May 13, 2022

Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed...
High | Unreviewed | CVE-2018-3667 was published May 13, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical | Unreviewed | CVE-2018-3591 was published May 13, 2022

Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition...
High | Unreviewed | CVE-2018-20402 was published May 13, 2022

Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote...
Critical | Unreviewed | CVE-2018-15350 was published May 13, 2022

On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default...
Critical | Unreviewed | CVE-2018-10968 was published May 13, 2022

A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware...
Critical | Unreviewed | CVE-2018-10251 was published May 13, 2022

Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the...
High | Unreviewed | CVE-2017-9137 was published May 13, 2022

vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n...
Critical | Unreviewed | CVE-2017-8218 was published May 13, 2022

Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate | CVE-2017-8039 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022

Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,...
Critical | Unreviewed | CVE-2017-7964 was published May 13, 2022

A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an...
High | Unreviewed | CVE-2017-6750 was published May 13, 2022

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High | Unreviewed | CVE-2017-6688 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High | Unreviewed | CVE-2017-6692 was published May 13, 2022

A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an...
High | Unreviewed | CVE-2017-6689 was published May 13, 2022

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High | Unreviewed | CVE-2017-6684 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,...
High | Unreviewed | CVE-2017-6685 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High | Unreviewed | CVE-2017-6686 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.