Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

422 advisories

Loading
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted... High Unreviewed
CVE-2017-5230 was published May 17, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7... High Unreviewed
CVE-2016-5816 was published May 17, 2022
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a... High Unreviewed
CVE-2017-6351 was published May 17, 2022
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not... High Unreviewed
CVE-2017-14116 was published May 17, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14422 was published May 17, 2022
An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software... High Unreviewed
CVE-2017-9956 was published May 17, 2022
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that... High Unreviewed
CVE-2017-14376 was published May 17, 2022
A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12726 was published May 14, 2022
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12724 was published May 14, 2022
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named ... High Unreviewed
CVE-2018-1214 was published May 14, 2022
IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact... High Unreviewed
CVE-2016-0235 was published May 14, 2022
Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection... High Unreviewed
CVE-2018-1206 was published May 14, 2022
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5... High Unreviewed
CVE-2018-10167 was published May 14, 2022
An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config... High Unreviewed
CVE-2018-10966 was published May 14, 2022
In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have... High Unreviewed
CVE-2018-10813 was published May 14, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded... High Unreviewed
CVE-2018-12323 was published May 14, 2022
Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account,... High Unreviewed
CVE-2018-10328 was published May 14, 2022
The IMM2 First Failure Data Capture function collects management module logs and diagnostic... High Unreviewed
CVE-2018-9068 was published May 14, 2022
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password ... High Unreviewed
CVE-2010-1573 was published May 14, 2022
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows... High Unreviewed
CVE-2018-13819 was published May 14, 2022
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows... High Unreviewed
CVE-2018-13820 was published May 14, 2022
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA... High Unreviewed
CVE-2018-0663 was published May 14, 2022
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded... High Unreviewed
CVE-2018-17217 was published May 14, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android.... High Unreviewed
CVE-2018-15753 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... High Unreviewed
CVE-2018-19066 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database