Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+

135 advisories

Loading
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting... Moderate Unreviewed
CVE-2017-5491 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6688 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6684 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6692 was published May 13, 2022
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an... High Unreviewed
CVE-2017-6689 was published May 13, 2022
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,... Critical Unreviewed
CVE-2017-7964 was published May 13, 2022
vsftpd on TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n... Critical Unreviewed
CVE-2017-8218 was published May 13, 2022
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware... Critical Unreviewed
CVE-2018-10251 was published May 13, 2022
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the... High Unreviewed
CVE-2017-9137 was published May 13, 2022
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default... Critical Unreviewed
CVE-2018-10968 was published May 13, 2022
Router Default Credentials in Kraftway 24F2XG Router firmware version 3.5.30.1118 allow remote... Critical Unreviewed
CVE-2018-15350 was published May 13, 2022
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition... High Unreviewed
CVE-2018-20402 was published May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon... Critical Unreviewed
CVE-2018-3591 was published May 13, 2022
Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed... High Unreviewed
CVE-2018-3667 was published May 13, 2022
An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a... Critical Unreviewed
CVE-2018-5770 was published May 13, 2022
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by... High Unreviewed
CVE-2018-5841 was published May 13, 2022
IBM Open Power Firmware OP910 and OP920 could allow access to BMC via IPMI using default OpenBMC... Critical Unreviewed
CVE-2019-4169 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where... High Unreviewed
CVE-2019-19340 was published May 24, 2022
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a... High Unreviewed
CVE-2014-0234 was published May 17, 2022
makepasswd 1.10 default settings generate insecure passwords Moderate Unreviewed
CVE-2010-2247 was published Apr 21, 2022
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents. Critical Unreviewed
CVE-2022-48342 was published Feb 23, 2023
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. High Unreviewed
CVE-2022-48432 was published Mar 29, 2023
Insecure Boot Image vulnerability in Hitachi Energy Relion Relion 670/650/SAM600-IO series allows... Moderate Unreviewed
CVE-2021-35535 was published Nov 19, 2021
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution... High Unreviewed
CVE-2022-2196 was published Jan 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database