GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31 advisories
Filter by severity
A condition exists in FlashArray Purity whereby a local account intended for initial array...
Critical
Unreviewed
CVE-2024-0001
was published
Sep 23, 2024
Initialization of a resource with an insecure default vulnerability in FutureNet NXR series, VXR...
Critical
Unreviewed
CVE-2024-31070
was published
Jul 17, 2024
A vulnerability in the BluStar component of Mitel InAttend 2.6 SP4 through 2.7 and CMG 8.5 SP4...
Critical
Unreviewed
CVE-2024-28815
was published
Mar 27, 2024
In Liferay Portal 7.2.0 through 7.4.3.12, and older unsupported versions, and Liferay DXP 7.4...
Critical
Unreviewed
CVE-2024-25610
was published
Feb 20, 2024
The affected devices use publicly available default credentials with administrative privileges.
Critical
Unreviewed
CVE-2023-39169
was published
Dec 7, 2023
Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated...
Critical
Unreviewed
CVE-2023-6448
was published
Dec 5, 2023
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.
Critical
Unreviewed
CVE-2022-48342
was published
Feb 23, 2023
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do...
Critical
Unreviewed
CVE-2021-3586
was published
Aug 23, 2022
In CODESYS V2 PLCWinNT and Runtime Toolkit 32 in versions prior to V2.4.7.57 password protection...
Critical
Unreviewed
CVE-2022-31806
was published
Jun 25, 2022
The Orca HCM digital learning platform uses a weak factory default administrator password, which...
Critical
Unreviewed
CVE-2021-35965
was published
May 24, 2022
Dell EMC Integrated System for Microsoft Azure Stack Hub, versions 1906 – 2011, contain an...
Critical
Unreviewed
CVE-2021-21505
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
Critical
Unreviewed
CVE-2021-34795
was published
May 24, 2022
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC...
Critical
Unreviewed
CVE-2019-4169
was published
May 24, 2022
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were...
Critical
Unreviewed
CVE-2019-5497
was published
May 24, 2022
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric...
Critical
Unreviewed
CVE-2019-1804
was published
May 24, 2022
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this...
Critical
Unreviewed
CVE-2019-11618
was published
May 24, 2022
An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a...
Critical
Unreviewed
CVE-2018-5770
was published
May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical
Unreviewed
CVE-2018-3591
was published
May 13, 2022
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote...
Critical
Unreviewed
CVE-2018-15350
was published
May 13, 2022
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default...
Critical
Unreviewed
CVE-2018-10968
was published
May 13, 2022
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware...
Critical
Unreviewed
CVE-2018-10251
was published
May 13, 2022
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n...
Critical
Unreviewed
CVE-2017-8218
was published
May 13, 2022
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,...
Critical
Unreviewed
CVE-2017-7964
was published
May 13, 2022
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants...
Critical
Unreviewed
CVE-2017-12739
was published
May 13, 2022
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic...
Critical
Unreviewed
CVE-2018-0130
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API