GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

545 advisories

Filter by severity

Sort by

Least recently updated

A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC... Critical Unreviewed

CVE-2018-1216 was published May 14, 2022

EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains... Critical Unreviewed

CVE-2017-8013 was published May 14, 2022

A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router... Critical Unreviewed

CVE-2018-5768 was published May 14, 2022

Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded... Critical Unreviewed

CVE-2018-9161 was published May 14, 2022

Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT... Critical Unreviewed

CVE-2018-10723 was published May 14, 2022

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain... Critical Unreviewed

CVE-2017-17540 was published May 14, 2022

The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to... Critical Unreviewed

CVE-2017-17539 was published May 14, 2022

Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an... Critical Unreviewed

CVE-2018-6401 was published May 14, 2022

A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO... Critical Unreviewed

CVE-2018-9112 was published May 14, 2022

An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform... Critical Unreviewed

CVE-2018-11094 was published May 14, 2022

A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO... Critical Unreviewed

CVE-2018-11311 was published May 14, 2022

/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL... Critical Unreviewed

CVE-2018-11482 was published May 14, 2022

The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with... Critical Unreviewed

CVE-2014-3413 was published May 14, 2022

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of... Critical Unreviewed

CVE-2018-6213 was published May 14, 2022

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote... Critical Unreviewed

CVE-2018-12526 was published May 14, 2022

Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of... Critical Unreviewed

CVE-2018-12924 was published May 14, 2022

Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the... Critical Unreviewed

CVE-2018-11641 was published May 14, 2022

Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service... Critical Unreviewed

CVE-2018-0038 was published May 14, 2022

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9... Critical Unreviewed

CVE-2018-10575 was published May 14, 2022

Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password... Critical Unreviewed

CVE-2014-6617 was published May 14, 2022

Multiple hardcoded credentials in Xsuite 2.x. Critical Unreviewed

CVE-2015-4667 was published May 14, 2022

Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default... Critical Unreviewed

CVE-2018-14943 was published May 14, 2022

POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user.... Critical Unreviewed

CVE-2018-15808 was published May 14, 2022

The National Payments Corporation of India BHIM application 1.3 for Android relies on three... Critical Unreviewed

CVE-2017-9821 was published May 14, 2022

An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin... Critical Unreviewed

CVE-2017-12577 was published May 14, 2022

Previous 1 2 … 15 16 17 18 19 20 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

545 advisories