GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
143 advisories
Filter by severity
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3...
Critical
Unreviewed
CVE-2022-28005
was published
May 7, 2022
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is...
Critical
Unreviewed
CVE-2022-37109
was published
Nov 15, 2022
The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials...
Critical
Unreviewed
CVE-2019-15052
was published
May 24, 2022
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file...
Critical
Unreviewed
CVE-2022-45599
was published
Feb 23, 2023
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2...
Critical
Unreviewed
CVE-2018-7820
was published
May 24, 2022
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials.
Critical
Unreviewed
CVE-2022-43969
was published
Feb 16, 2023
A security regression of CVE-2019-9636 was discovered in python since commit...
Critical
Unreviewed
CVE-2019-10160
was published
May 24, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in...
Critical
Unreviewed
CVE-2022-32518
was published
Jan 31, 2023
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in...
Critical
Unreviewed
CVE-2022-32520
was published
Jan 31, 2023
COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1...
Critical
Unreviewed
CVE-2022-47697
was published
Jan 31, 2023
A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in...
Critical
Unreviewed
CVE-2022-32519
was published
Jan 31, 2023
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files...
Critical
Unreviewed
CVE-2021-37401
was published
Dec 29, 2021
An attacker may obtain the user credentials from the communication between the PLC and the...
Critical
Unreviewed
CVE-2021-37400
was published
Dec 29, 2021
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by...
Critical
Unreviewed
CVE-2018-9031
was published
May 13, 2022
Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to...
Critical
Unreviewed
CVE-2018-20388
was published
May 13, 2022
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100...
Critical
Unreviewed
CVE-2018-20398
was published
May 13, 2022
CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT,...
Critical
Unreviewed
CVE-2018-20385
was published
May 13, 2022
Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices...
Critical
Unreviewed
CVE-2018-20394
was published
May 13, 2022
Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to...
Critical
Unreviewed
CVE-2018-20387
was published
May 13, 2022
ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+...
Critical
Unreviewed
CVE-2018-18754
was published
May 13, 2022
NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers to discover...
Critical
Unreviewed
CVE-2018-20396
was published
May 13, 2022
NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote attackers to discover credentials...
Critical
Unreviewed
CVE-2018-20395
was published
May 13, 2022
Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via...
Critical
Unreviewed
CVE-2018-20442
was published
May 13, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and...
Critical
Unreviewed
CVE-2018-19078
was published
May 13, 2022
Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA 3.0.8 devices allow remote...
Critical
Unreviewed
CVE-2018-20390
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API