GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
144 advisories
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root...
Critical, Unreviewed: CVE-2021-20146 was published Dec 10, 2021

An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files...
Critical, Unreviewed: CVE-2021-37401 was published Dec 29, 2021

An attacker may obtain the user credentials from the communication between the PLC and the...
Critical, Unreviewed: CVE-2021-37400 was published Dec 29, 2021

The web application on Agilia Link+ version 3.0 implements authentication and session management...
Critical, Unreviewed: CVE-2021-23196 was published Jan 22, 2022

An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3...
Critical, Unreviewed: CVE-2022-28005 was published May 7, 2022

An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs...
Critical, Unreviewed: CVE-2017-6028 was published May 13, 2022

ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover...
Critical, Unreviewed: CVE-2018-20383 was published May 13, 2022

ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover...
Critical, Unreviewed: CVE-2018-20386 was published May 13, 2022

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
Critical, Unreviewed: CVE-2018-11742 was published May 13, 2022

Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in...
Critical, Unreviewed: CVE-2017-13771 was published May 13, 2022

D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote...
Critical, Unreviewed: CVE-2018-20445 was published May 13, 2022

In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM...
Critical, Unreviewed: CVE-2018-11746 was published May 13, 2022

Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in...
Critical, Unreviewed: CVE-2018-1000851 was published May 13, 2022

An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE...
Critical, Unreviewed: CVE-2018-18698 was published May 13, 2022

A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials,...
Critical, Unreviewed: CVE-2018-19466 was published May 13, 2022

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database...
Critical, Unreviewed: CVE-2019-4059 was published May 13, 2022

Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in...
Critical, Unreviewed: CVE-2019-6609 was published May 13, 2022

Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way...
Critical, Unreviewed: CVE-2018-17245 was published May 13, 2022

The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a...
Critical, Unreviewed: CVE-2018-11544 was published May 13, 2022

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON...
Critical, Unreviewed: CVE-2018-8851 was published May 13, 2022

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,...
Critical, Unreviewed: CVE-2018-7518 was published May 13, 2022

In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software...
Critical, Unreviewed: CVE-2018-7510 was published May 13, 2022

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
Critical, Unreviewed: CVE-2018-17900 was published May 13, 2022

A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3...
Critical, Unreviewed: CVE-2017-7913 was published May 13, 2022

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC...
Critical, Unreviewed: CVE-2017-7925 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API