GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
545 advisories
Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and...
Critical, Unreviewed. CVE-2016-6530 was published May 17, 2022.

The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0,...
Critical, Unreviewed. CVE-2016-7560 was published May 17, 2022.

A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote...
Critical, Unreviewed. CVE-2015-2867 was published May 17, 2022.

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8...
Critical, Unreviewed. CVE-2016-10115 was published May 17, 2022.

IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to...
Critical, Unreviewed. CVE-2016-8954 was published May 17, 2022.

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older....
Critical, Unreviewed. CVE-2016-5818 was published May 17, 2022.

The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain...
Critical, Unreviewed. CVE-2016-8491 was published May 17, 2022.

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded...
Critical, Unreviewed. CVE-2016-8567 was published May 17, 2022.

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0....
Critical, Unreviewed. CVE-2017-6403 was published May 17, 2022.

Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account,...
Critical, Unreviewed. CVE-2016-10308 was published May 17, 2022.

Trango Altum AC600 devices have a built-in, hidden root account, with a default password of...
Critical, Unreviewed. CVE-2016-10306 was published May 17, 2022.

Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for...
Critical, Unreviewed. CVE-2015-2885 was published May 17, 2022.

iBaby M3S has a password of admin for the backdoor admin account.
Critical, Unreviewed. CVE-2015-2887 was published May 17, 2022.

Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the...
Critical, Unreviewed. CVE-2015-2881 was published May 17, 2022.

Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of ...
Critical, Unreviewed. CVE-2015-2882 was published May 17, 2022.

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the...
Critical, Unreviewed. CVE-2016-1560 was published May 17, 2022.

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of...
Critical, Unreviewed. CVE-2015-7246 was published May 17, 2022.

Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with...
Critical, Unreviewed. CVE-2017-8224 was published May 17, 2022.

The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin"...
Critical, Unreviewed. CVE-2016-0726 was published May 17, 2022.

In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may...
Critical, Unreviewed. CVE-2017-6131 was published May 17, 2022.

Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM...
Critical, Unreviewed. CVE-2017-2236 was published May 17, 2022.

Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for...
Critical, Unreviewed. CVE-2017-9932 was published May 17, 2022.

A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a...
Critical, Unreviewed. CVE-2017-7336 was published May 17, 2022.

MEDHOST Connex contains hard-coded credentials that are used for customer database access. An...
Critical, Unreviewed. CVE-2017-11614 was published May 17, 2022.

Backup archives were found to be encrypted with a static password across different installations,...
Critical, Unreviewed. CVE-2017-11380 was published May 17, 2022.