GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,804

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Filter by severity

Sort by

Least recently updated

A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose... Moderate Unreviewed

CVE-2019-10224 was published May 24, 2022

Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control... Moderate Unreviewed

CVE-2018-21031 was published May 24, 2022

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware... Moderate Unreviewed

CVE-2019-15801 was published May 24, 2022

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using... Moderate Unreviewed

CVE-2019-17497 was published May 24, 2022

An Unprotected Storage of Credentials vulnerability in the identity and access management... Moderate Unreviewed

CVE-2019-0072 was published May 24, 2022

An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL... Moderate Unreviewed

CVE-2019-15635 was published May 24, 2022

LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the... Moderate Unreviewed

CVE-2019-16371 was published May 24, 2022

Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve... Moderate Unreviewed

CVE-2019-13421 was published May 24, 2022

Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior... Moderate Unreviewed

CVE-2019-3753 was published May 24, 2022

The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to... Moderate Unreviewed

CVE-2019-13054 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect... Moderate Unreviewed

CVE-2019-4385 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed

CVE-2019-0180 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed

CVE-2019-11092 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed

CVE-2019-0179 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an... Moderate Unreviewed

CVE-2019-0175 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT ... Moderate Unreviewed

CVE-2019-6567 was published May 24, 2022

IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to... Moderate Unreviewed

CVE-2019-4138 was published May 24, 2022

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R)... Moderate Unreviewed

CVE-2019-0120 was published May 24, 2022

eyeDisk implements the unlock feature by sending a cleartext password. The password can be... Moderate Unreviewed

CVE-2019-11885 was published May 24, 2022

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable Moderate Unreviewed

CVE-2014-0241 was published May 17, 2022

The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64... Moderate Unreviewed

CVE-2012-3025 was published May 17, 2022

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does... Moderate Unreviewed

CVE-2012-5627 was published May 17, 2022

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that... Moderate Unreviewed

CVE-2022-29587 was published May 17, 2022

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP... Moderate Unreviewed

CVE-2018-9280 was published May 13, 2022

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's... Moderate Unreviewed

CVE-2018-9279 was published May 13, 2022

Previous 1 2 … 9 10 11 12 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

335 advisories