Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,009 advisories

Loading
IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized... High Unreviewed
CVE-2017-1764 was published May 13, 2022
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated... Critical Unreviewed
CVE-2017-17106 was published May 13, 2022
Sera 1.2 stores the user's login password in plain text in their home directory. This makes... High Unreviewed
CVE-2017-15918 was published May 13, 2022
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4... High Unreviewed
CVE-2017-15656 was published May 13, 2022
The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga... High Unreviewed
CVE-2017-14711 was published May 13, 2022
The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. B (with firmware... High Unreviewed
CVE-2017-14418 was published May 13, 2022
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier... High Unreviewed
CVE-2017-14111 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login... High Unreviewed
CVE-2017-1378 was published May 13, 2022
IBM WebSphere MQ 9.0.1 and 9.0.2 Java/JMS application can incorrectly transmit user credentials... High Unreviewed
CVE-2017-1337 was published May 13, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text... High Unreviewed
CVE-2017-1362 was published May 13, 2022
IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text... High Unreviewed
CVE-2017-1201 was published May 13, 2022
IBM WebSphere Message Broker stores user credentials in plain in clear text which can be read by... Moderate Unreviewed
CVE-2017-1207 was published May 13, 2022
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for... Critical Unreviewed
CVE-2017-11349 was published May 13, 2022
Jenkins Build-Publisher plugin has Insufficiently Protected Credentials High
CVE-2017-1000387 was published for org.jenkins-ci.plugins:build-publisher (Maven) May 13, 2022
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext Critical
CVE-2017-1000245 was published for org.jenkins-ci.plugins:ssh (Maven) May 13, 2022
An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated... Critical Unreviewed
CVE-2017-11510 was published May 13, 2022
An Insufficiently Protected Credentials issue was discovered in LOYTEC LVIS-3ME versions prior to... High Unreviewed
CVE-2017-13998 was published May 13, 2022
In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in... Critical Unreviewed
CVE-2017-16714 was published May 13, 2022
An Unprotected Transport of Credentials issue was discovered in ABB Ellipse 8.3 through Ellipse 8... High Unreviewed
CVE-2017-16731 was published May 13, 2022
IBM BigFix Platform 9.5 - 9.5.9 stores user credentials in plain in clear text which can be read... High Unreviewed
CVE-2017-1231 was published May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that... High Unreviewed
CVE-2017-1411 was published May 13, 2022
The skyring-setup command creates random password for mongodb skyring database but it writes... High Unreviewed
CVE-2017-2665 was published May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently... Critical Unreviewed
CVE-2017-3192 was published May 13, 2022
tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password... High Unreviewed
CVE-2017-7524 was published May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed
CVE-2017-7925 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API