Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,146 advisories

Loading
Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due... High Unreviewed
CVE-2019-3710 was published May 13, 2022
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3... Critical Unreviewed
CVE-2017-7574 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions... Critical Unreviewed
CVE-2018-7229 was published May 13, 2022
EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to... Critical Unreviewed
CVE-2017-8011 was published May 13, 2022
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username... Critical Unreviewed
CVE-2017-7576 was published May 13, 2022
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping... High Unreviewed
CVE-2019-3497 was published May 13, 2022
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller... High Unreviewed
CVE-2019-3496 was published May 13, 2022
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough... High Unreviewed
CVE-2017-14115 was published May 13, 2022
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When... High Unreviewed
CVE-2018-10898 was published May 13, 2022
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses... High Unreviewed
CVE-2019-7161 was published May 13, 2022
iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an... Critical Unreviewed
CVE-2017-6558 was published May 13, 2022
MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may... Critical Unreviewed
CVE-2017-10818 was published May 13, 2022
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have... Critical Unreviewed
CVE-2016-10307 was published May 13, 2022
Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx... Critical Unreviewed
CVE-2016-10305 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. High Unreviewed
CVE-2016-10179 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services... Critical Unreviewed
CVE-2016-10177 was published May 13, 2022
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin... Critical Unreviewed
CVE-2018-18007 was published May 13, 2022
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded... Critical Unreviewed
CVE-2018-6210 was published May 13, 2022
dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to... Critical Unreviewed
CVE-2018-18009 was published May 13, 2022
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5... Critical Unreviewed
CVE-2016-2310 was published May 13, 2022
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation... High Unreviewed
CVE-2017-12239 was published May 13, 2022
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative... Critical Unreviewed
CVE-2017-3222 was published May 13, 2022
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an... Critical Unreviewed
CVE-2019-1723 was published May 13, 2022
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file... Critical Unreviewed
CVE-2018-7047 was published May 13, 2022
The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp... Critical Unreviewed
CVE-2016-6829 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database