GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,645
Composer 4,233
Erlang 31
GitHub Actions 20
Go 1,992
Maven 5,179
npm 3,709
NuGet 661
pip 3,346
Pub 11
RubyGems 884
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 234,951

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

132 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,... High Unreviewed

CVE-2017-6685 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed

CVE-2017-6687 was published May 13, 2022

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed

CVE-2017-6686 was published May 13, 2022

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting... Moderate Unreviewed

CVE-2017-5491 was published May 13, 2022

An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier.... High Unreviewed

CVE-2017-5155 was published May 13, 2022

Insecure Default Initialization of Resource in Pivotal Spring Web Flow Moderate

CVE-2017-4971 was published for org.springframework.webflow:spring-webflow (Maven) May 13, 2022

An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants... Critical Unreviewed

CVE-2017-12739 was published May 13, 2022

A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic... Critical Unreviewed

CVE-2018-0130 was published May 13, 2022

Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify... High Unreviewed

CVE-2018-10605 was published May 13, 2022

IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that... High Unreviewed

CVE-2018-1524 was published May 13, 2022

In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used... Moderate Unreviewed

CVE-2018-3825 was published May 13, 2022

EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability... Critical Unreviewed

CVE-2017-8021 was published May 13, 2022

Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change... Critical Unreviewed

CVE-2019-3909 was published May 13, 2022

In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings... High Unreviewed

CVE-2019-1994 was published May 13, 2022

The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a... Critical Unreviewed

CVE-2018-19275 was published May 13, 2022

Lobby Track Desktop contains default administrative credentials. An attacker could exploit this... High Unreviewed

CVE-2018-17485 was published May 13, 2022

eVisitorPass contains default administrative credentials. An attacker could exploit this... High Unreviewed

CVE-2018-17497 was published May 13, 2022

A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker... High Unreviewed

CVE-2018-0263 was published May 13, 2022

Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store... High Unreviewed

CVE-2019-3783 was published May 13, 2022

A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running... Critical Unreviewed

CVE-2017-3834 was published May 13, 2022

An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in... Critical Unreviewed

CVE-2017-5178 was published May 13, 2022

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a... Moderate Unreviewed

CVE-2018-10989 was published May 13, 2022

In Apache CouchDB prior to 3.2.2, an attacker can access an improperly secured default... Critical Unreviewed

CVE-2022-24706 was published Apr 27, 2022

makepasswd 1.10 default settings generate insecure passwords Moderate Unreviewed

CVE-2010-2247 was published Apr 21, 2022

In miniadb, there is a possible way to get read/write access to recovery system properties due to... High Unreviewed

CVE-2021-39767 was published Mar 31, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

132 advisories