GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,159 advisories
Filter by severity
IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2018-1818
was published
May 13, 2022
IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a...
Critical
Unreviewed
CVE-2018-1742
was published
May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass...
Moderate
Unreviewed
CVE-2018-1650
was published
May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an...
Critical
Unreviewed
CVE-2018-18998
was published
May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an...
Moderate
Unreviewed
CVE-2018-17919
was published
May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The...
High
Unreviewed
CVE-2018-17896
was published
May 13, 2022
NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard...
Critical
Unreviewed
CVE-2018-17894
was published
May 13, 2022
EasyLobby Solo contains default administrative credentials. An attacker could exploit this...
High
Unreviewed
CVE-2018-17492
was published
May 13, 2022
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded...
High
Unreviewed
CVE-2018-15781
was published
May 13, 2022
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server...
Critical
Unreviewed
CVE-2018-15720
was published
May 13, 2022
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco...
Critical
Unreviewed
CVE-2018-15427
was published
May 13, 2022
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could...
Critical
Unreviewed
CVE-2018-15389
was published
May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,...
High
Unreviewed
CVE-2018-14801
was published
May 13, 2022
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded...
Critical
Unreviewed
CVE-2018-10633
was published
May 13, 2022
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU...
Critical
Unreviewed
CVE-2018-10592
was published
May 13, 2022
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an...
Critical
Unreviewed
CVE-2018-0375
was published
May 13, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated...
Critical
Unreviewed
CVE-2018-0222
was published
May 13, 2022
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an...
High
Unreviewed
CVE-2018-0141
was published
May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials...
Critical
Unreviewed
CVE-2018-0041
was published
May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service...
Critical
Unreviewed
CVE-2018-0039
was published
May 13, 2022
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded...
Critical
Unreviewed
CVE-2018-0040
was published
May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000...
Moderate
Unreviewed
CVE-2017-9649
was published
May 13, 2022
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069...
Critical
Unreviewed
CVE-2017-9656
was published
May 13, 2022
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH...
High
Unreviewed
CVE-2017-7927
was published
May 13, 2022
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally...
High
Unreviewed
CVE-2017-7537
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API