Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,067 advisories

Loading
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM... Critical Unreviewed
CVE-2018-11746 was published May 13, 2022
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as... High Unreviewed
CVE-2019-0035 was published May 13, 2022
In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session... High Unreviewed
CVE-2018-20781 was published May 13, 2022
register.ghp in EFS Software Easy Chat Server versions 2.0 to 3.1 allows remote attackers to... High Unreviewed
CVE-2017-9557 was published May 13, 2022
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products... Low Unreviewed
CVE-2012-3268 was published May 13, 2022
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and... High Unreviewed
CVE-2018-13822 was published May 13, 2022
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote... Critical Unreviewed
CVE-2018-20445 was published May 13, 2022
The installation process in IBM Security AppScan Enterprise 8.x before 8.6.0.2 iFix 003, 8.7.x... Moderate Unreviewed
CVE-2014-4806 was published May 13, 2022
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in... Critical Unreviewed
CVE-2017-13771 was published May 13, 2022
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which... Moderate Unreviewed
CVE-2015-5955 was published May 13, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. Critical Unreviewed
CVE-2018-11742 was published May 13, 2022
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover... Critical Unreviewed
CVE-2018-20386 was published May 13, 2022
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover... Critical Unreviewed
CVE-2018-20383 was published May 13, 2022
The IBM Security Access Manager appliance includes configuration files that contain obfuscated... Moderate Unreviewed
CVE-2015-5013 was published May 13, 2022
Schneider Electric StruxureWare Building Expert MPM before 2.15 does not use encryption for the... Moderate Unreviewed
CVE-2015-3962 was published May 13, 2022
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs... Critical Unreviewed
CVE-2017-6028 was published May 13, 2022
An issue was discovered in General Electric (GE) Proficy HMI/SCADA iFIX Version 5.8 SIM 13 and... Moderate Unreviewed
CVE-2016-9360 was published May 13, 2022
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4... Moderate Unreviewed
CVE-2017-12127 was published May 13, 2022
An exploitable clear text transmission of password vulnerability exists in the web server and... High Unreviewed
CVE-2017-12123 was published May 13, 2022
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3... Critical Unreviewed
CVE-2022-28005 was published May 7, 2022
D-Link DIR-100 4.03B07: security bypass via an error in the cliget.cgi script Moderate Unreviewed
CVE-2013-7052 was published May 5, 2022
D-Link DIR-100 4.03B07 has PPTP and poe information disclosure Moderate Unreviewed
CVE-2013-7055 was published May 5, 2022
CloudForms stores user passwords in recoverable format Moderate Unreviewed
CVE-2013-4423 was published May 5, 2022
Exposure of repository credentials to external third-party sources in Rancher High
CVE-2021-36778 was published for github.com/rancher/rancher (Go) May 2, 2022
dasMulli
profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of... High Unreviewed
CVE-2007-0681 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database