GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
Filter by severity
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root...
Critical
Unreviewed
CVE-2021-20146
was published
Dec 10, 2021
An attacker may obtain the user credentials from the communication between the PLC and the...
Critical
Unreviewed
CVE-2021-37400
was published
Dec 29, 2021
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files...
Critical
Unreviewed
CVE-2021-37401
was published
Dec 29, 2021
The web application on Agilia Link+ version 3.0 implements authentication and session management...
Critical
Unreviewed
CVE-2021-23196
was published
Jan 22, 2022
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3...
Critical
Unreviewed
CVE-2022-28005
was published
May 7, 2022
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs...
Critical
Unreviewed
CVE-2017-6028
was published
May 13, 2022
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover...
Critical
Unreviewed
CVE-2018-20386
was published
May 13, 2022
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover...
Critical
Unreviewed
CVE-2018-20383
was published
May 13, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
Critical
Unreviewed
CVE-2018-11742
was published
May 13, 2022
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in...
Critical
Unreviewed
CVE-2017-13771
was published
May 13, 2022
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote...
Critical
Unreviewed
CVE-2018-20445
was published
May 13, 2022
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM...
Critical
Unreviewed
CVE-2018-11746
was published
May 13, 2022
Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in...
Critical
Unreviewed
CVE-2018-1000851
was published
May 13, 2022
An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE...
Critical
Unreviewed
CVE-2018-18698
was published
May 13, 2022
A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials,...
Critical
Unreviewed
CVE-2018-19466
was published
May 13, 2022
IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database...
Critical
Unreviewed
CVE-2019-4059
was published
May 13, 2022
Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in...
Critical
Unreviewed
CVE-2019-6609
was published
May 13, 2022
Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way...
Critical
Unreviewed
CVE-2018-17245
was published
May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a...
Critical
Unreviewed
CVE-2018-11544
was published
May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical
Unreviewed
CVE-2018-8851
was published
May 13, 2022
In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software...
Critical
Unreviewed
CVE-2018-7510
was published
May 13, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,...
Critical
Unreviewed
CVE-2018-7518
was published
May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
Critical
Unreviewed
CVE-2018-17900
was published
May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC...
Critical
Unreviewed
CVE-2017-7925
was published
May 13, 2022
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3...
Critical
Unreviewed
CVE-2017-7913
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API