Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

546 advisories

Loading
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard... Critical Unreviewed
CVE-2018-8856 was published May 14, 2022
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,... Critical Unreviewed
CVE-2018-7241 was published May 14, 2022
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the... Critical Unreviewed
CVE-2018-16957 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19069 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19067 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19063 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0680 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0681 was published May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android... Critical Unreviewed
CVE-2018-18006 was published May 14, 2022
The server API in the Anda app relies on hardcoded credentials. Critical Unreviewed
CVE-2018-13342 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An... Critical Unreviewed
CVE-2018-1000625 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices... Critical Unreviewed
CVE-2018-12668 was published May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which... Critical Unreviewed
CVE-2018-7800 was published May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02... Critical Unreviewed
CVE-2019-10011 was published May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded... Critical Unreviewed
CVE-2019-10479 was published May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default... Critical Unreviewed
CVE-2018-14324 was published May 14, 2022
web2py remote code execution via hardcoded encryption key in session.connect function Critical
CVE-2016-3953 was published for web2py (pip) May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)... Critical Unreviewed
CVE-2018-11629 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow... Critical Unreviewed
CVE-2018-11681 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super... Critical Unreviewed
CVE-2018-11682 was published May 14, 2022
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV... Critical Unreviewed
CVE-2018-18473 was published May 13, 2022
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the... Critical Unreviewed
CVE-2018-11509 was published May 13, 2022
** DISPUTED ** An Incorrect Password Management issue was discovered in SMA Solar Technology... Critical Unreviewed
CVE-2017-9852 was published May 13, 2022
The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to... Critical Unreviewed
CVE-2017-5600 was published May 13, 2022
EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a... Critical Unreviewed
CVE-2017-4976 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database