GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,799

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

151 advisories

Filter by severity

Sort by

Least recently updated

Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to... Critical Unreviewed

CVE-2018-20387 was published May 13, 2022

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and... Critical Unreviewed

CVE-2018-19078 was published May 13, 2022

ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+... Critical Unreviewed

CVE-2018-18754 was published May 13, 2022

Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext... Critical Unreviewed

CVE-2018-17969 was published May 13, 2022

Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and... Critical Unreviewed

CVE-2018-17613 was published May 13, 2022

In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and... Critical Unreviewed

CVE-2018-16791 was published May 13, 2022

An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in... Critical Unreviewed

CVE-2018-16669 was published May 13, 2022

Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the... Critical Unreviewed

CVE-2018-16223 was published May 13, 2022

An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone... Critical Unreviewed

CVE-2018-14081 was published May 13, 2022

ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in... Critical Unreviewed

CVE-2018-10024 was published May 13, 2022

Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensitive information, caused by... Critical Unreviewed

CVE-2018-1000627 was published May 13, 2022

Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity... Critical Unreviewed

CVE-2017-9248 was published May 13, 2022

Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices... Critical Unreviewed

CVE-2017-8837 was published May 13, 2022

On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not... Critical Unreviewed

CVE-2017-8225 was published May 13, 2022

In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text... Critical Unreviewed

CVE-2017-7933 was published May 13, 2022

Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in... Critical Unreviewed

CVE-2017-6532 was published May 13, 2022

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Critical Unreviewed

CVE-2017-5140 was published May 13, 2022

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Critical Unreviewed

CVE-2017-5139 was published May 13, 2022

Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated... Critical Unreviewed

CVE-2017-17106 was published May 13, 2022

dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for... Critical Unreviewed

CVE-2017-11349 was published May 13, 2022

Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext Critical

CVE-2017-1000245 was published for org.jenkins-ci.plugins:ssh (Maven) May 13, 2022

An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated... Critical Unreviewed

CVE-2017-11510 was published May 13, 2022

In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in... Critical Unreviewed

CVE-2017-16714 was published May 13, 2022

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently... Critical Unreviewed

CVE-2017-3192 was published May 13, 2022

A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC... Critical Unreviewed

CVE-2017-7925 was published May 13, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

151 advisories