GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
132 advisories
Filter by severity
A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric...
Critical
Unreviewed
CVE-2019-1804
was published
May 24, 2022
doorGets 7.0 has a default administrator credential vulnerability. A remote attacker can use this...
Critical
Unreviewed
CVE-2019-11618
was published
May 24, 2022
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access...
High
Unreviewed
CVE-2019-7476
was published
May 24, 2022
An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The user running the main...
High
Unreviewed
CVE-2018-20052
was published
May 24, 2022
In the configuration of NFC modules on certain devices, there is a possible failure to...
High
Unreviewed
CVE-2019-2041
was published
May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2022-24287
was published
May 21, 2022
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a...
High
Unreviewed
CVE-2014-0234
was published
May 17, 2022
OpenStack Nova uses insecure keystone middleware tmpdir by default
Moderate
CVE-2013-2030
was published
for
python-keystoneclient
(pip)
May 17, 2022
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by...
High
Unreviewed
CVE-2018-5841
was published
May 13, 2022
An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a...
Critical
Unreviewed
CVE-2018-5770
was published
May 13, 2022
Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed...
High
Unreviewed
CVE-2018-3667
was published
May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical
Unreviewed
CVE-2018-3591
was published
May 13, 2022
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition...
High
Unreviewed
CVE-2018-20402
was published
May 13, 2022
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote...
Critical
Unreviewed
CVE-2018-15350
was published
May 13, 2022
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default...
Critical
Unreviewed
CVE-2018-10968
was published
May 13, 2022
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware...
Critical
Unreviewed
CVE-2018-10251
was published
May 13, 2022
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the...
High
Unreviewed
CVE-2017-9137
was published
May 13, 2022
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n...
Critical
Unreviewed
CVE-2017-8218
was published
May 13, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-8039
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,...
Critical
Unreviewed
CVE-2017-7964
was published
May 13, 2022
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an...
High
Unreviewed
CVE-2017-6750
was published
May 13, 2022
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an...
High
Unreviewed
CVE-2017-6689
was published
May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High
Unreviewed
CVE-2017-6688
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6692
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6686
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API