Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

170 advisories

Loading
Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store administrative web-interface... Critical Unreviewed
CVE-2019-13400 was published May 24, 2022
LemonLDAP::NG -2.0.3 has Incorrect Access Control. Critical Unreviewed
CVE-2019-12046 was published May 24, 2022
CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial license exists, allows... Critical Unreviewed
CVE-2019-11350 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** The firmware of the PLANET Technology Corp NVR-915 and NVR-1615... Critical Unreviewed
CVE-2020-26097 was published May 24, 2022
An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated... Critical Unreviewed
CVE-2022-45611 was published Aug 22, 2023
Potential leak of authentication data to 3rd parties Critical
CVE-2023-30846 was published for typed-rest-client (npm) Apr 27, 2023
yahavi JLLeitschuh
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3... Critical Unreviewed
CVE-2022-28005 was published May 7, 2022
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is... Critical Unreviewed
CVE-2022-37109 was published Nov 15, 2022
The HTTP client in the Build tool in Gradle before 5.6 sends authentication credentials... Critical Unreviewed
CVE-2019-15052 was published May 24, 2022
Aztech WMB250AC Mesh Routers Firmware Version 016 2020 is vulnerable to PHP Type Juggling in file... Critical Unreviewed
CVE-2022-45599 was published Feb 23, 2023
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2... Critical Unreviewed
CVE-2018-7820 was published May 24, 2022
Ricoh mp_c4504ex devices with firmware 1.06 mishandle credentials. Critical Unreviewed
CVE-2022-43969 was published Feb 16, 2023
A security regression of CVE-2019-9636 was discovered in python since commit... Critical Unreviewed
CVE-2019-10160 was published May 24, 2022
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in... Critical Unreviewed
CVE-2022-32518 was published Jan 31, 2023
A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in... Critical Unreviewed
CVE-2022-32520 was published Jan 31, 2023
A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in... Critical Unreviewed
CVE-2022-32519 was published Jan 31, 2023
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files... Critical Unreviewed
CVE-2021-37401 was published Dec 29, 2021
An attacker may obtain the user credentials from the communication between the PLC and the... Critical Unreviewed
CVE-2021-37400 was published Dec 29, 2021
The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by... Critical Unreviewed
CVE-2018-9031 was published May 13, 2022
Account takeover in facturascripts Critical
CVE-2022-1715 was published for facturascripts/facturascripts (Composer) May 14, 2022
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100... Critical Unreviewed
CVE-2018-20398 was published May 13, 2022
Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to... Critical Unreviewed
CVE-2018-20388 was published May 13, 2022
Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices... Critical Unreviewed
CVE-2018-20394 was published May 13, 2022
CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT,... Critical Unreviewed
CVE-2018-20385 was published May 13, 2022
Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to... Critical Unreviewed
CVE-2018-20387 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database