GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
28 advisories
Filter by severity
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows...
Moderate
Unreviewed
CVE-2021-35535
was published
Nov 19, 2021
makepasswd 1.10 default settings generate insecure passwords
Moderate
Unreviewed
CVE-2010-2247
was published
Apr 21, 2022
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a...
Moderate
Unreviewed
CVE-2018-10989
was published
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used...
Moderate
Unreviewed
CVE-2018-3825
was published
May 13, 2022
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting...
Moderate
Unreviewed
CVE-2017-5491
was published
May 13, 2022
The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS makes HTTP requests that...
Moderate
Unreviewed
CVE-2019-19251
was published
May 24, 2022
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows...
Moderate
Unreviewed
CVE-2020-12327
was published
May 24, 2022
Insecure default initialization of resource in Intel(R) Boot Guard in Intel(R) CSME versions...
Moderate
Unreviewed
CVE-2020-8705
was published
May 24, 2022
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params...
Moderate
Unreviewed
CVE-2020-11915
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0144
was published
May 24, 2022
Insecure default variable initialization for the Intel BSSA DFT feature may allow a privileged...
Moderate
Unreviewed
CVE-2021-0114
was published
May 24, 2022
Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0...
Moderate
Unreviewed
CVE-2022-32480
was published
Aug 23, 2022
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel...
Moderate
Unreviewed
CVE-2022-36349
was published
Nov 11, 2022
In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS using the "Default...
Moderate
Unreviewed
CVE-2022-46831
was published
Dec 8, 2022
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to...
Moderate
Unreviewed
CVE-2022-20466
was published
Dec 13, 2022
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47196
was published
Jan 19, 2023
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation...
Moderate
Unreviewed
CVE-2022-47194
was published
Jan 19, 2023
An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved...
Moderate
Unreviewed
CVE-2023-28978
was published
Apr 18, 2023
The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10...
Moderate
Unreviewed
CVE-2023-40708
was published
Aug 24, 2023
On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances...
Moderate
Unreviewed
CVE-2023-5368
was published
Oct 4, 2023
Certain configuration available in the communication channel for encoders could expose sensitive...
Moderate
Unreviewed
CVE-2024-22388
was published
Feb 7, 2024
In Liferay Portal 7.2.0 through 7.4.3.25, and older unsupported versions, and Liferay DXP 7.4...
Moderate
Unreviewed
CVE-2024-26267
was published
Feb 20, 2024
The EDS-4000/G4000 Series prior to version 3.2 includes IP forwarding capabilities that users...
Moderate
Unreviewed
CVE-2024-0387
was published
Feb 26, 2024
Enabled IP Forwarding feature in B&R Automation Runtime versions before 6.0.2 may allow remote...
Moderate
Unreviewed
CVE-2024-5801
was published
Aug 12, 2024
there is a possible arbitrary read due to an insecure default value. This could lead to local...
Moderate
Unreviewed
CVE-2024-44096
was published
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API