GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
151 advisories
Filter by severity
Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to...
Critical
Unreviewed
CVE-2018-20387
was published
May 13, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and...
Critical
Unreviewed
CVE-2018-19078
was published
May 13, 2022
ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+...
Critical
Unreviewed
CVE-2018-18754
was published
May 13, 2022
Samsung SCX-6545X V2.00.03.01 03-23-2012 devices allows remote attackers to discover cleartext...
Critical
Unreviewed
CVE-2018-17969
was published
May 13, 2022
Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and...
Critical
Unreviewed
CVE-2018-17613
was published
May 13, 2022
In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and...
Critical
Unreviewed
CVE-2018-16791
was published
May 13, 2022
An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in...
Critical
Unreviewed
CVE-2018-16669
was published
May 13, 2022
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the...
Critical
Unreviewed
CVE-2018-16223
was published
May 13, 2022
An issue was discovered on D-Link DIR-809 A1 through 1.09, A2 through 1.11, and Guest Zone...
Critical
Unreviewed
CVE-2018-14081
was published
May 13, 2022
ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in...
Critical
Unreviewed
CVE-2018-10024
was published
May 13, 2022
Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensitive information, caused by...
Critical
Unreviewed
CVE-2018-1000627
was published
May 13, 2022
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity...
Critical
Unreviewed
CVE-2017-9248
was published
May 13, 2022
Cleartext password storage exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices...
Critical
Unreviewed
CVE-2017-8837
was published
May 13, 2022
On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not...
Critical
Unreviewed
CVE-2017-8225
was published
May 13, 2022
In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text...
Critical
Unreviewed
CVE-2017-7933
was published
May 13, 2022
Televes COAXDATA GATEWAY 1Gbps devices doc-wifi-hgw_v1.02.0014 4.20 have cleartext credentials in...
Critical
Unreviewed
CVE-2017-6532
was published
May 13, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,...
Critical
Unreviewed
CVE-2017-5140
was published
May 13, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,...
Critical
Unreviewed
CVE-2017-5139
was published
May 13, 2022
Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated...
Critical
Unreviewed
CVE-2017-17106
was published
May 13, 2022
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for...
Critical
Unreviewed
CVE-2017-11349
was published
May 13, 2022
Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext
Critical
CVE-2017-1000245
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 13, 2022
An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated...
Critical
Unreviewed
CVE-2017-11510
was published
May 13, 2022
In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in...
Critical
Unreviewed
CVE-2017-16714
was published
May 13, 2022
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently...
Critical
Unreviewed
CVE-2017-3192
was published
May 13, 2022
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC...
Critical
Unreviewed
CVE-2017-7925
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API