Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

155 advisories

Loading
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do... Critical Unreviewed
CVE-2021-3586 was published Aug 23, 2022
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to... Moderate Unreviewed
CVE-2022-20466 was published Dec 13, 2022
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a... Moderate Unreviewed
CVE-2018-10989 was published May 13, 2022
A vulnerability in Cisco Aironet 1830 Series and Cisco Aironet 1850 Series Access Points running... Critical Unreviewed
CVE-2017-3834 was published May 13, 2022
Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public default session store... High Unreviewed
CVE-2019-3783 was published May 13, 2022
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker... High Unreviewed
CVE-2018-0263 was published May 13, 2022
Arbitrary Code Execution in grunt High
CVE-2020-7729 was published for grunt (npm) May 6, 2021
Lobby Track Desktop contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17485 was published May 13, 2022
The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a... Critical Unreviewed
CVE-2018-19275 was published May 13, 2022
eVisitorPass contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17497 was published May 13, 2022
In refresh of DevelopmentTiles.java, there is the possibility of leaving development settings... High Unreviewed
CVE-2019-1994 was published May 13, 2022
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change... Critical Unreviewed
CVE-2019-3909 was published May 13, 2022
EMC Elastic Cloud Storage (ECS) before 3.1 is affected by an undocumented account vulnerability... Critical Unreviewed
CVE-2017-8021 was published May 13, 2022
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that... High Unreviewed
CVE-2018-1524 was published May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used... Moderate Unreviewed
CVE-2018-3825 was published May 13, 2022
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify... High Unreviewed
CVE-2018-10605 was published May 13, 2022
A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic... Critical Unreviewed
CVE-2018-0130 was published May 13, 2022
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants... Critical Unreviewed
CVE-2017-12739 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated,... High Unreviewed
CVE-2017-6685 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6686 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6687 was published May 13, 2022
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an... High Unreviewed
CVE-2017-6750 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6684 was published May 13, 2022
A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated,... High Unreviewed
CVE-2017-6692 was published May 13, 2022
A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote... High Unreviewed
CVE-2017-6688 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database