GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
335 advisories
A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose...
Moderate, Unreviewed. CVE-2019-10224 was published May 24, 2022

Plex Media Server 1.18.2.2029-36236cc4c allows remote attackers to bypass intended access control...
Moderate, Unreviewed. CVE-2018-21031 was published May 24, 2022

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware...
Moderate, Unreviewed. CVE-2019-15801 was published May 24, 2022

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using...
Moderate, Unreviewed. CVE-2019-17497 was published May 24, 2022

An Unprotected Storage of Credentials vulnerability in the identity and access management...
Moderate, Unreviewed. CVE-2019-0072 was published May 24, 2022

An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL...
Moderate, Unreviewed. CVE-2019-15635 was published May 24, 2022

LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the...
Moderate, Unreviewed. CVE-2019-16371 was published May 24, 2022

Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve...
Moderate, Unreviewed. CVE-2019-13421 was published May 24, 2022

Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K running firmware versions prior...
Moderate, Unreviewed. CVE-2019-3753 was published May 24, 2022

The Logitech R500 presentation clicker allows attackers to determine the AES key, leading to...
Moderate, Unreviewed. CVE-2019-13054 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password in the IBM Spectrum Protect...
Moderate, Unreviewed. CVE-2019-4385 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an...
Moderate, Unreviewed. CVE-2019-0180 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an...
Moderate, Unreviewed. CVE-2019-11092 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an...
Moderate, Unreviewed. CVE-2019-0179 was published May 24, 2022

Insufficient password protection in the attestation database for Open CIT may allow an...
Moderate, Unreviewed. CVE-2019-0175 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-200 (All Versions < V5.2.4), SCALANCE X-200IRT ...
Moderate, Unreviewed. CVE-2019-6567 was published May 24, 2022

IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could allow a remote attacker to...
Moderate, Unreviewed. CVE-2019-4138 was published May 24, 2022

Insufficient key protection vulnerability in silicon reference firmware for Intel(R) Pentium(R)...
Moderate, Unreviewed. CVE-2019-0120 was published May 24, 2022

eyeDisk implements the unlock feature by sending a cleartext password. The password can be...
Moderate, Unreviewed. CVE-2019-11885 was published May 24, 2022

rubygem-hammer_cli_foreman: File /etc/hammer/cli.modules.d/foreman.yml world readable
Moderate, Unreviewed. CVE-2014-0241 was published May 17, 2022

The default configuration of Tridium Niagara AX Framework through 3.6 uses a cleartext base64...
Moderate, Unreviewed. CVE-2012-3025 was published May 17, 2022

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does...
Moderate, Unreviewed. CVE-2012-5627 was published May 17, 2022

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that...
Moderate, Unreviewed. CVE-2022-29587 was published May 17, 2022

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP...
Moderate, Unreviewed. CVE-2018-9280 was published May 13, 2022

An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's...
Moderate, Unreviewed. CVE-2018-9279 was published May 13, 2022

Advisories are also available from the GraphQL API.