Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

161 advisories

Loading
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and... Critical Unreviewed
CVE-2017-11165 was published May 17, 2022
libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error... Critical Unreviewed
CVE-2010-3845 was published May 17, 2022
Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of... Critical Unreviewed
CVE-2017-5496 was published May 17, 2022
The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the ... Critical Unreviewed
CVE-2016-10175 was published May 17, 2022
Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to... Critical Unreviewed
CVE-2015-5959 was published May 17, 2022
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive... Critical Unreviewed
CVE-2017-14269 was published May 17, 2022
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP... Critical Unreviewed
CVE-2014-8174 was published May 17, 2022
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc... Critical Unreviewed
CVE-2015-5284 was published May 17, 2022
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially... Critical Unreviewed
CVE-2017-9393 was published May 17, 2022
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via... Critical Unreviewed
CVE-2015-8707 was published May 17, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains... Critical Unreviewed
CVE-2017-13701 was published May 17, 2022
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows... Critical Unreviewed
CVE-2017-13664 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13150 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13149 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0879 was published May 17, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. Critical Unreviewed
CVE-2017-17734 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. Critical Unreviewed
CVE-2017-17735 was published May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings... Critical Unreviewed
CVE-2017-6094 was published May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access... Critical Unreviewed
CVE-2018-3813 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13204 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android.... Critical Unreviewed
CVE-2017-13188 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13185 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13203 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed
CVE-2017-11079 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13187 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database