GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
199 advisories
Sixnet BT-5xxx and BT-6xxx M2M devices before 3.8.21 and 3.9.x before 3.9.8 have hardcoded...
Critical | Unreviewed | CVE-2016-4521 was published May 17, 2022

Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain...
Critical | Unreviewed | CVE-2016-2298 was published May 17, 2022

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical | Unreviewed | CVE-2016-1112 was published May 17, 2022

eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests...
Critical | Unreviewed | CVE-2015-7926 was published May 17, 2022

admin/plugin.php in Piwigo through 2.8.3 doesn't validate the sections variable while using it to...
Critical | Unreviewed | CVE-2016-10105 was published May 17, 2022

An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x...
Critical | Unreviewed | CVE-2016-9885 was published May 17, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An...
Critical | Unreviewed | CVE-2017-5166 was published May 17, 2022

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to...
Critical | Unreviewed | CVE-2017-6070 was published May 17, 2022

A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white...
Critical | Unreviewed | CVE-2017-5674 was published May 17, 2022

iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2...
Critical | Unreviewed | CVE-2016-5757 was published May 17, 2022

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and...
Critical | Unreviewed | CVE-2015-5729 was published May 17, 2022

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the...
Critical | Unreviewed | CVE-2017-7575 was published May 17, 2022

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and...
Critical | Unreviewed | CVE-2016-1557 was published May 17, 2022

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames,...
Critical | Unreviewed | CVE-2015-7247 was published May 17, 2022

The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation,...
Critical | Unreviewed | CVE-2016-5006 was published May 17, 2022

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root...
Critical | Unreviewed | CVE-2017-7317 was published May 17, 2022

A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the...
Critical | Unreviewed | CVE-2017-6708 was published May 17, 2022

Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request...
Critical | Unreviewed | CVE-2017-11502 was published May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Critical | CVE-2017-1000362 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233...
Critical | Unreviewed | CVE-2016-0903 was published May 17, 2022

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community,...
Critical | Unreviewed | CVE-2016-1473 was published May 17, 2022

dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and...
Critical | Unreviewed | CVE-2017-11165 was published May 17, 2022

libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error...
Critical | Unreviewed | CVE-2010-3845 was published May 17, 2022

salt password information leaked in debug logs
Critical | CVE-2015-6941 was published for salt (pip) May 17, 2022

Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of...
Critical | Unreviewed | CVE-2017-5496 was published May 17, 2022