GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
359 advisories
If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted...
Moderate
Unreviewed
CVE-2018-12383
was published
May 13, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. The root password can be obtained in...
Moderate
Unreviewed
CVE-2018-12260
was published
May 13, 2022
An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application...
Moderate
Unreviewed
CVE-2017-9969
was published
May 13, 2022
Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for...
Moderate
Unreviewed
CVE-2017-8371
was published
May 13, 2022
A vulnerability in the Virtual Network Function Manager's (VNFM) logging function of Cisco Ultra...
Moderate
Unreviewed
CVE-2017-6694
was published
May 13, 2022
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core...
Moderate
Unreviewed
CVE-2017-5704
was published
May 13, 2022
A BIOS password extraction vulnerability has been reported on certain consumer notebooks with...
Moderate
Unreviewed
CVE-2017-2751
was published
May 13, 2022
IBM WebSphere Message Broker stores user credentials in clear text which can be read by...
Moderate
Unreviewed
CVE-2017-1207
was published
May 13, 2022
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party...
Moderate
Unreviewed
CVE-2017-9637
was published
May 13, 2022
A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an...
Moderate
Unreviewed
CVE-2018-15456
was published
May 13, 2022
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
Moderate
Unreviewed
CVE-2018-15717
was published
May 13, 2022
All versions of the Medtronic 2090 Carelink Programmer are affected by a per-product username and...
Moderate
Unreviewed
CVE-2018-5446
was published
May 13, 2022
Previous releases of the Puppet cisco_ios module output SSH session debug information including...
Moderate
Unreviewed
CVE-2018-11752
was published
May 13, 2022
OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3...
Moderate
Unreviewed
CVE-2013-4222
was published
May 13, 2022
An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to...
Moderate
Unreviewed
CVE-2018-12038
was published
May 13, 2022
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect...
Moderate
Unreviewed
CVE-2018-17871
was published
May 13, 2022
Users with Site-level permissions can access files containing the username-encrypted passwords of...
Moderate
Unreviewed
CVE-2019-5615
was published
May 13, 2022
The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x...
Moderate
Unreviewed
CVE-2014-4806
was published
May 13, 2022
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which...
Moderate
Unreviewed
CVE-2015-5955
was published
May 13, 2022
The IBM Security Access Manager appliance includes configuration files that contain obfuscated...
Moderate
Unreviewed
CVE-2015-5013
was published
May 13, 2022
Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the...
Moderate
Unreviewed
CVE-2015-3962
was published
May 13, 2022
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and...
Moderate
Unreviewed
CVE-2016-9360
was published
May 13, 2022
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4...
Moderate
Unreviewed
CVE-2017-12127
was published
May 13, 2022
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure
Moderate
Unreviewed
CVE-2013-7055
was published
May 5, 2022
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script
Moderate
Unreviewed
CVE-2013-7052
was published
May 5, 2022