Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud... Critical Unreviewed
CVE-2019-9950 was published May 24, 2022
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Critical Unreviewed
CVE-2022-1775 was published May 21, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19064 was published May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04... High Unreviewed
CVE-2018-18562 was published May 13, 2022
On Dell 2335dn printers with Printer Firmware Version 2.70.05.02, Engine Firmware Version 1.10.65... High Unreviewed
CVE-2018-15748 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have... Critical Unreviewed
CVE-2018-1372 was published May 13, 2022
Baseon Lantronix MSS devices do not require a password for TELNET access. Critical Unreviewed
CVE-2018-12925 was published May 13, 2022
Weak Password Requirements in UnboundID LDAP SDK Critical
CVE-2018-1000134 was published for com.unboundid:unboundid-ldapsdk (Maven) May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. All inverters have a... Critical Unreviewed
CVE-2017-9853 was published May 13, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on a four... High Unreviewed
CVE-2017-9818 was published May 13, 2022
** DISPUTED ** Riverbed RiOS through 9.6.0 has a weak default password for the secure vault,... Moderate Unreviewed
CVE-2017-7306 was published May 13, 2022
** DISPUTED ** Riverbed RiOS through 9.6.0 does not require a bootloader password, which makes it... Moderate Unreviewed
CVE-2017-7305 was published May 13, 2022
An issue was discovered in certain Apple products. macOS before 10.13 Supplemental Update is... Moderate Unreviewed
CVE-2017-7150 was published May 13, 2022
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not... Critical Unreviewed
CVE-2017-1601 was published May 13, 2022
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can... Critical Unreviewed
CVE-2017-14189 was published May 13, 2022
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant... Moderate Unreviewed
CVE-2017-1386 was published May 13, 2022
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting... Critical Unreviewed
CVE-2017-12861 was published May 13, 2022
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have... Critical Unreviewed
CVE-2017-1221 was published May 13, 2022
IBM BigFix Compliance (TEMA SUAv1 SCA SCM) 1.9.70 does not require that users should have strong... Critical Unreviewed
CVE-2017-1196 was published May 13, 2022
A Credentials Management issue was discovered in Moxa NPort W2150A versions prior to 1.11, and... Critical Unreviewed
CVE-2017-16727 was published May 13, 2022
IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity... High Unreviewed
CVE-2017-1597 was published May 13, 2022
A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow... High Unreviewed
CVE-2018-0204 was published May 13, 2022
Open Dental before version 18.4 installs a mysql database and uses the default credentials of ... Critical Unreviewed
CVE-2018-15719 was published May 13, 2022
Ansible Tower before version 3.2.4 has a flaw in the management of system and organization... High Unreviewed
CVE-2018-1101 was published May 13, 2022
The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks... Moderate Unreviewed
CVE-2018-5389 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database