Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

157 advisories

Loading
Client TLS credentials sent raw to server in npm package nats Critical
GHSA-prmc-5v5w-c465 was published for nats (npm) Apr 6, 2021
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root... Critical Unreviewed
CVE-2021-20146 was published Dec 10, 2021
An attacker may obtain the user credentials from the communication between the PLC and the... Critical Unreviewed
CVE-2021-37400 was published Dec 29, 2021
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files... Critical Unreviewed
CVE-2021-37401 was published Dec 29, 2021
The web application on Agilia Link+ version 3.0 implements authentication and session management... Critical Unreviewed
CVE-2021-23196 was published Jan 22, 2022
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3... Critical Unreviewed
CVE-2022-28005 was published May 7, 2022
An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs... Critical Unreviewed
CVE-2017-6028 was published May 13, 2022
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover... Critical Unreviewed
CVE-2018-20386 was published May 13, 2022
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover... Critical Unreviewed
CVE-2018-20383 was published May 13, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI. Critical Unreviewed
CVE-2018-11742 was published May 13, 2022
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in... Critical Unreviewed
CVE-2017-13771 was published May 13, 2022
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote... Critical Unreviewed
CVE-2018-20445 was published May 13, 2022
In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM... Critical Unreviewed
CVE-2018-11746 was published May 13, 2022
Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in... Critical Unreviewed
CVE-2018-1000851 was published May 13, 2022
An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE... Critical Unreviewed
CVE-2018-18698 was published May 13, 2022
A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials,... Critical Unreviewed
CVE-2018-19466 was published May 13, 2022
TeamPass Storing Passwords in a Recoverable Format vulnerability Critical
CVE-2019-1000001 was published for nilsteampassnet/teampass (Composer) May 13, 2022
IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database... Critical Unreviewed
CVE-2019-4059 was published May 13, 2022
Platform dependent weakness. This issue only impacts iSeries platforms. On these platforms, in... Critical Unreviewed
CVE-2019-6609 was published May 13, 2022
Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way... Critical Unreviewed
CVE-2018-17245 was published May 13, 2022
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a... Critical Unreviewed
CVE-2018-11544 was published May 13, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-8851 was published May 13, 2022
In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23,... Critical Unreviewed
CVE-2018-7518 was published May 13, 2022
In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software... Critical Unreviewed
CVE-2018-7510 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... Critical Unreviewed
CVE-2018-17900 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database