Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
MTProto proxy remote code execution vulnerability High
CVE-2023-45312 was published for mtproto_proxy (Erlang) Oct 10, 2023
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could... High Unreviewed
CVE-2022-4224 was published Mar 23, 2023
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an... High Unreviewed
CVE-2019-1950 was published May 24, 2022
Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request()... High Unreviewed
CVE-2022-40468 was published Sep 20, 2022
In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed. High Unreviewed
CVE-2022-48432 was published Mar 29, 2023
Insecure defaults in UmbracoForms High
CVE-2020-7685 was published for UmbracoForms (NuGet) Jul 29, 2020
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a... High Unreviewed
CVE-2014-0234 was published May 17, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5.x before 3.5.3, where... High Unreviewed
CVE-2019-19340 was published May 24, 2022
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by... High Unreviewed
CVE-2018-5841 was published May 13, 2022
Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed... High Unreviewed
CVE-2018-3667 was published May 13, 2022
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition... High Unreviewed
CVE-2018-20402 was published May 13, 2022
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the... High Unreviewed
CVE-2017-9137 was published May 13, 2022
A vulnerability in the ConfD CLI of Cisco Elastic Services Controllers could allow an... High Unreviewed
CVE-2017-6689 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6684 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6692 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6688 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6687 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,... High Unreviewed
CVE-2017-6685 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6686 was published May 13, 2022
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an... High Unreviewed
CVE-2017-6750 was published May 13, 2022
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify... High Unreviewed
CVE-2018-10605 was published May 13, 2022
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that... High Unreviewed
CVE-2018-1524 was published May 13, 2022
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings... High Unreviewed
CVE-2019-1994 was published May 13, 2022
eVisitorPass contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17497 was published May 13, 2022
Lobby Track Desktop contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17485 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database