GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,179 advisories
Filter by severity
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private...
Critical
Unreviewed
CVE-2018-16158
was published
May 13, 2022
Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms...
Critical
Unreviewed
CVE-2018-11635
was published
May 13, 2022
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated,...
Critical
Unreviewed
CVE-2018-15439
was published
May 13, 2022
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)...
Moderate
Unreviewed
CVE-2018-0329
was published
May 13, 2022
The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp...
Critical
Unreviewed
CVE-2016-6829
was published
May 13, 2022
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file...
Critical
Unreviewed
CVE-2018-7047
was published
May 13, 2022
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an...
Critical
Unreviewed
CVE-2019-1723
was published
May 13, 2022
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative...
Critical
Unreviewed
CVE-2017-3222
was published
May 13, 2022
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation...
High
Unreviewed
CVE-2017-12239
was published
May 13, 2022
General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5...
Critical
Unreviewed
CVE-2016-2310
was published
May 13, 2022
dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to...
Critical
Unreviewed
CVE-2018-18009
was published
May 13, 2022
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded...
Critical
Unreviewed
CVE-2018-6210
was published
May 13, 2022
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin...
Critical
Unreviewed
CVE-2018-18007
was published
May 13, 2022
An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services...
Critical
Unreviewed
CVE-2016-10177
was published
May 13, 2022
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607.
High
Unreviewed
CVE-2016-10179
was published
May 13, 2022
Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx...
Critical
Unreviewed
CVE-2016-10305
was published
May 13, 2022
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have...
Critical
Unreviewed
CVE-2016-10307
was published
May 13, 2022
MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may...
Critical
Unreviewed
CVE-2017-10818
was published
May 13, 2022
iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an...
Critical
Unreviewed
CVE-2017-6558
was published
May 13, 2022
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses...
High
Unreviewed
CVE-2019-7161
was published
May 13, 2022
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When...
High
Unreviewed
CVE-2018-10898
was published
May 13, 2022
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough...
High
Unreviewed
CVE-2017-14115
was published
May 13, 2022
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller...
High
Unreviewed
CVE-2019-3496
was published
May 13, 2022
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping...
High
Unreviewed
CVE-2019-3497
was published
May 13, 2022
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username...
Critical
Unreviewed
CVE-2017-7576
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API