GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,064 advisories
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an...
Low | Unreviewed | CVE-2014-3045 was published May 17, 2022

usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-readable permissions for passwd...
Low | Unreviewed | CVE-2014-3851 was published May 17, 2022

The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell...
Low | Unreviewed | CVE-2014-5036 was published May 17, 2022

The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward...
Low | Unreviewed | CVE-2013-5150 was published May 17, 2022

McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive...
Low | Unreviewed | CVE-2014-8526 was published May 17, 2022

McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users...
Low | Unreviewed | CVE-2014-8528 was published May 17, 2022

Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords...
Low | Unreviewed | CVE-2014-5037 was published May 17, 2022

Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system...
Low | Unreviewed | CVE-2014-5038 was published May 17, 2022

The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to...
Low | Unreviewed | CVE-2014-8476 was published May 17, 2022

Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to...
Low | Unreviewed | CVE-2014-7993 was published May 17, 2022

Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in...
Low | Unreviewed | CVE-2014-8733 was published May 17, 2022

The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file...
Low | Unreviewed | CVE-2015-0875 was published May 17, 2022

The Siemens SPCanywhere application for Android does not properly store application passwords,...
Low | Unreviewed | CVE-2015-1598 was published May 17, 2022

The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password...
Low | Unreviewed | CVE-2012-4046 was published May 17, 2022

powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an...
Low | Unreviewed | CVE-2015-0136 was published May 17, 2022

IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager...
Low | Unreviewed | CVE-2014-6134 was published May 17, 2022

The installation component in Hospira MedNet before 6.1 places cleartext credentials in...
Low | Unreviewed | CVE-2014-5400 was published May 17, 2022

Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local...
Low | Unreviewed | CVE-2015-0992 was published May 17, 2022

The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used...
Low | Unreviewed | CVE-2015-1314 was published May 17, 2022

Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data...
Low | Unreviewed | CVE-2015-1602 was published May 17, 2022

The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39...
Low | Unreviewed | CVE-2011-1078 was published May 17, 2022

Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting...
Low | Unreviewed | CVE-2015-3999 was published May 17, 2022

IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1...
Low | Unreviewed | CVE-2015-0170 was published May 17, 2022

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and...
Low | Unreviewed | CVE-2014-8607 was published May 17, 2022

ceph-deploy uses world-readable permissions on client.admin key
Low | CVE-2015-4053 was published for ceph-deploy (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API