GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
48 advisories
Filter by severity
In miniadb, there is a possible way to get read/write access to recovery system properties due to...
High
Unreviewed
CVE-2021-39767
was published
Mar 31, 2022
A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS...
High
Unreviewed
CVE-2022-24287
was published
May 21, 2022
A vulnerability in SonicWall Global Management System (GMS), allow a remote user to gain access...
High
Unreviewed
CVE-2019-7476
was published
May 24, 2022
A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve...
High
Unreviewed
CVE-2022-3262
was published
Dec 8, 2022
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is...
High
Unreviewed
CVE-2020-14011
was published
May 24, 2022
In permission declarations of DeviceAdminReceiver.java, there is a possible lack of broadcast...
High
Unreviewed
CVE-2021-0534
was published
May 24, 2022
nLight ECLYPSE (nECY) system Controllers running software prior to 1.17.21245.754 contain a...
High
Unreviewed
CVE-2021-40825
was published
May 24, 2022
Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store...
High
Unreviewed
CVE-2019-3783
was published
May 13, 2022
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker...
High
Unreviewed
CVE-2018-0263
was published
May 13, 2022
Lobby Track Desktop contains default administrative credentials. An attacker could exploit this...
High
Unreviewed
CVE-2018-17485
was published
May 13, 2022
eVisitorPass contains default administrative credentials. An attacker could exploit this...
High
Unreviewed
CVE-2018-17497
was published
May 13, 2022
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings...
High
Unreviewed
CVE-2019-1994
was published
May 13, 2022
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that...
High
Unreviewed
CVE-2018-1524
was published
May 13, 2022
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify...
High
Unreviewed
CVE-2018-10605
was published
May 13, 2022
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier....
High
Unreviewed
CVE-2017-5155
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,...
High
Unreviewed
CVE-2017-6685
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6687
was published
May 13, 2022
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an...
High
Unreviewed
CVE-2017-6750
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6686
was published
May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High
Unreviewed
CVE-2017-6684
was published
May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote...
High
Unreviewed
CVE-2017-6688
was published
May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,...
High
Unreviewed
CVE-2017-6692
was published
May 13, 2022
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an...
High
Unreviewed
CVE-2017-6689
was published
May 13, 2022
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the...
High
Unreviewed
CVE-2017-9137
was published
May 13, 2022
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition...
High
Unreviewed
CVE-2018-20402
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API