GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
91
GitHub Actions
54
Go
4,194
Maven
5,000+
npm
5,000+
NuGet
1,021
pip
5,000+
Pub
13
RubyGems
1,102
Rust
1,422
Swift
61
Unreviewed advisories
All unreviewed
5,000+
249 advisories
Filter by severity
Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed...
High
Unreviewed
CVE-2018-3667
was published
May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical
Unreviewed
CVE-2018-3591
was published
May 13, 2022
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition...
High
Unreviewed
CVE-2018-20402
was published
May 13, 2022
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote...
Critical
Unreviewed
CVE-2018-15350
was published
May 13, 2022
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default...
Critical
Unreviewed
CVE-2018-10968
was published
May 13, 2022
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware...
Critical
Unreviewed
CVE-2018-10251
was published
May 13, 2022
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the...
High
Unreviewed
CVE-2017-9137
was published
May 13, 2022
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n...
Critical
Unreviewed
CVE-2017-8218
was published
May 13, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-8039
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,...
Critical
Unreviewed
CVE-2017-7964
was published
May 13, 2022
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an...
High
Unreviewed
CVE-2017-6750
was published
May 13, 2022
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an...
High
Unreviewed
CVE-2017-6689
was published
May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High
Unreviewed
CVE-2017-6688
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6692
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6687
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,...
High
Unreviewed
CVE-2017-6685
was published
May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High
Unreviewed
CVE-2017-6684
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6686
was published
May 13, 2022
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting...
Moderate
Unreviewed
CVE-2017-5491
was published
May 13, 2022
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier....
High
Unreviewed
CVE-2017-5155
was published
May 13, 2022
Insecure Default Initialization of Resource in Pivotal Spring Web Flow
Moderate
CVE-2017-4971
was published
for
org.springframework.webflow:spring-webflow
(Maven)
May 13, 2022
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants...
Critical
Unreviewed
CVE-2017-12739
was published
May 13, 2022
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0...
High
Unreviewed
CVE-2017-12736
was published
May 13, 2022
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic...
Critical
Unreviewed
CVE-2018-0130
was published
May 13, 2022
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify...
High
Unreviewed
CVE-2018-10605
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API