GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
108 advisories
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows...
Moderate | Unreviewed | CVE-2021-35535 was published Nov 19, 2021

In miniadb, there is a possible way to get read/write access to recovery system properties due to...
High | Unreviewed | CVE-2021-39767 was published Mar 31, 2022

makepasswd 1.10 default settings generate insecure passwords
Moderate | Unreviewed | CVE-2010-2247 was published Apr 21, 2022

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default...
Critical | Unreviewed | CVE-2022-24706 was published Apr 27, 2022

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a...
Moderate | Unreviewed | CVE-2018-10989 was published May 13, 2022

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in...
Critical | Unreviewed | CVE-2017-5178 was published May 13, 2022

A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running...
Critical | Unreviewed | CVE-2017-3834 was published May 13, 2022

Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store...
High | Unreviewed | CVE-2019-3783 was published May 13, 2022

A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker...
High | Unreviewed | CVE-2018-0263 was published May 13, 2022

eVisitorPass contains default administrative credentials. An attacker could exploit this...
High | Unreviewed | CVE-2018-17497 was published May 13, 2022

Lobby Track Desktop contains default administrative credentials. An attacker could exploit this...
High | Unreviewed | CVE-2018-17485 was published May 13, 2022

The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a...
Critical | Unreviewed | CVE-2018-19275 was published May 13, 2022

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings...
High | Unreviewed | CVE-2019-1994 was published May 13, 2022

Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change...
Critical | Unreviewed | CVE-2019-3909 was published May 13, 2022

EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability...
Critical | Unreviewed | CVE-2017-8021 was published May 13, 2022

In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used...
Moderate | Unreviewed | CVE-2018-3825 was published May 13, 2022

IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that...
High | Unreviewed | CVE-2018-1524 was published May 13, 2022

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify...
High | Unreviewed | CVE-2018-10605 was published May 13, 2022

A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic...
Critical | Unreviewed | CVE-2018-0130 was published May 13, 2022

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants...
Critical | Unreviewed | CVE-2017-12739 was published May 13, 2022

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier....
High | Unreviewed | CVE-2017-5155 was published May 13, 2022

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting...
Moderate | Unreviewed | CVE-2017-5491 was published May 13, 2022

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High | Unreviewed | CVE-2017-6684 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High | Unreviewed | CVE-2017-6686 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,...
High | Unreviewed | CVE-2017-6685 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.