Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

447 advisories

Loading
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that... High Unreviewed
CVE-2017-14376 was published May 17, 2022
A Use of Hard-coded Password issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12726 was published May 14, 2022
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless... High Unreviewed
CVE-2017-12724 was published May 14, 2022
Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named ... High Unreviewed
CVE-2018-1214 was published May 14, 2022
IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact... High Unreviewed
CVE-2016-0235 was published May 14, 2022
Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection... High Unreviewed
CVE-2018-1206 was published May 14, 2022
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5... High Unreviewed
CVE-2018-10167 was published May 14, 2022
An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config... High Unreviewed
CVE-2018-10966 was published May 14, 2022
In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have... High Unreviewed
CVE-2018-10813 was published May 14, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded... High Unreviewed
CVE-2018-12323 was published May 14, 2022
Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account,... High Unreviewed
CVE-2018-10328 was published May 14, 2022
The IMM2 First Failure Data Capture function collects management module logs and diagnostic... High Unreviewed
CVE-2018-9068 was published May 14, 2022
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password ... High Unreviewed
CVE-2010-1573 was published May 14, 2022
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows... High Unreviewed
CVE-2018-13819 was published May 14, 2022
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows... High Unreviewed
CVE-2018-13820 was published May 14, 2022
Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA... High Unreviewed
CVE-2018-0663 was published May 14, 2022
An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded... High Unreviewed
CVE-2018-17217 was published May 14, 2022
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android.... High Unreviewed
CVE-2018-15753 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... High Unreviewed
CVE-2018-19066 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... High Unreviewed
CVE-2018-19065 was published May 14, 2022
A vulnerability in the configuration of a local database installed as part of the Cisco Energy... High Unreviewed
CVE-2018-0468 was published May 14, 2022
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code... High Unreviewed
CVE-2018-19233 was published May 14, 2022
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and... High Unreviewed
CVE-2018-16201 was published May 14, 2022
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts... High Unreviewed
CVE-2018-11062 was published May 14, 2022
An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH... High Unreviewed
CVE-2018-10532 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database