GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
414 advisories
Filter by severity
In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root...
High
Unreviewed
CVE-2018-9083
was published
May 13, 2022
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x...
High
Unreviewed
CVE-2018-5797
was published
May 13, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated...
High
Unreviewed
CVE-2018-5725
was published
May 13, 2022
A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527...
High
Unreviewed
CVE-2018-15491
was published
May 13, 2022
An attacker without authentication can login with default credentials for privileged users in...
High
Unreviewed
CVE-2018-15360
was published
May 13, 2022
The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the...
High
Unreviewed
CVE-2018-14901
was published
May 13, 2022
On the TP-Link TL-SG108E 1.0, there is a hard-coded ciphering key (a long string beginning with...
High
Unreviewed
CVE-2017-8077
was published
May 13, 2022
In net.MCrypt in the "Diary with lock" (aka WriteDiary) application 4.72 for Android, hardcoded...
High
Unreviewed
CVE-2017-15582
was published
May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware...
High
Unreviewed
CVE-2017-14428
was published
May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware...
High
Unreviewed
CVE-2017-14426
was published
May 13, 2022
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High
Unreviewed
CVE-2017-11026
was published
May 13, 2022
Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard...
High
Unreviewed
CVE-2016-9495
was published
May 13, 2022
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an...
High
Unreviewed
CVE-2017-12350
was published
May 13, 2022
Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS application uses a hard...
High
Unreviewed
CVE-2017-13102
was published
May 13, 2022
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android...
High
Unreviewed
CVE-2017-13106
was published
May 13, 2022
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key...
High
Unreviewed
CVE-2017-13107
was published
May 13, 2022
Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-10-03, iOS application uses...
High
Unreviewed
CVE-2017-13101
was published
May 13, 2022
Uber Technologies, Inc. UberEATS: Uber for Food Delivery, 1.108.10001, 2017-11-02, iOS...
High
Unreviewed
CVE-2017-13104
was published
May 13, 2022
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a...
High
Unreviewed
CVE-2017-13108
was published
May 13, 2022
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for...
High
Unreviewed
CVE-2017-13100
was published
May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9...
High
Unreviewed
CVE-2017-6054
was published
May 13, 2022
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally...
High
Unreviewed
CVE-2017-7537
was published
May 13, 2022
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH...
High
Unreviewed
CVE-2017-7927
was published
May 13, 2022
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an...
High
Unreviewed
CVE-2018-0141
was published
May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,...
High
Unreviewed
CVE-2018-14801
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API