GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
194 advisories
An issue was discovered in Pivotal GemFire for PCF 1.6.x versions prior to 1.6.5 and 1.7.x...
Critical, Unreviewed. CVE-2016-9885 was published May 17, 2022

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An...
Critical, Unreviewed. CVE-2017-5166 was published May 17, 2022

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to...
Critical, Unreviewed. CVE-2017-6070 was published May 17, 2022

A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white...
Critical, Unreviewed. CVE-2017-5674 was published May 17, 2022

iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2...
Critical, Unreviewed. CVE-2016-5757 was published May 17, 2022

The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and...
Critical, Unreviewed. CVE-2015-5729 was published May 17, 2022

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the...
Critical, Unreviewed. CVE-2017-7575 was published May 17, 2022

Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and...
Critical, Unreviewed. CVE-2016-1557 was published May 17, 2022

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 discloses usernames,...
Critical, Unreviewed. CVE-2015-7247 was published May 17, 2022

The Cloud Controller in Cloud Foundry before 239 logs user-provided service objects at creation,...
Critical, Unreviewed. CVE-2016-5006 was published May 17, 2022

An issue was discovered on Humax Digital HG100 2.0.6 devices. The attacker can find the root...
Critical, Unreviewed. CVE-2017-7317 was published May 17, 2022

A vulnerability in the symbolic link (symlink) creation functionality of the AutoVNF tool for the...
Critical, Unreviewed. CVE-2017-6708 was published May 17, 2022

Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request...
Critical, Unreviewed. CVE-2017-11502 was published May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Critical. CVE-2017-1000362 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233...
Critical, Unreviewed. CVE-2016-0903 was published May 17, 2022

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community,...
Critical, Unreviewed. CVE-2016-1473 was published May 17, 2022

dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and...
Critical, Unreviewed. CVE-2017-11165 was published May 17, 2022

libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error...
Critical, Unreviewed. CVE-2010-3845 was published May 17, 2022

salt password information leaked in debug logs
Critical. CVE-2015-6941 was published for salt (pip) May 17, 2022

Sawmill Enterprise 8.7.9 allows remote attackers to gain login access by leveraging knowledge of...
Critical, Unreviewed. CVE-2017-5496 was published May 17, 2022

The NETGEAR WNR2000v5 router leaks its serial number when performing a request to the ...
Critical, Unreviewed. CVE-2016-10175 was published May 17, 2022

Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to...
Critical, Unreviewed. CVE-2015-5959 was published May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Critical. CVE-2016-3086 was published for org.apache.hadoop:hadoop-yarn-server-nodemanager (Maven) May 17, 2022

EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive...
Critical, Unreviewed. CVE-2017-14269 was published May 17, 2022

eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP...
Critical, Unreviewed. CVE-2014-8174 was published May 17, 2022