Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4,... Critical Unreviewed
CVE-2017-14027 was published May 13, 2022
The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on... Critical Unreviewed
CVE-2017-2343 was published May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use... Critical Unreviewed
CVE-2017-3186 was published May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail... Critical Unreviewed
CVE-2017-3184 was published May 13, 2022
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA,... Critical Unreviewed
CVE-2017-6022 was published May 13, 2022
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069... Critical Unreviewed
CVE-2017-9656 was published May 13, 2022
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded... Critical Unreviewed
CVE-2018-0040 was published May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service... Critical Unreviewed
CVE-2018-0039 was published May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials... Critical Unreviewed
CVE-2018-0041 was published May 13, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated... Critical Unreviewed
CVE-2018-0222 was published May 13, 2022
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an... Critical Unreviewed
CVE-2018-0375 was published May 13, 2022
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU... Critical Unreviewed
CVE-2018-10592 was published May 13, 2022
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded... Critical Unreviewed
CVE-2018-10633 was published May 13, 2022
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could... Critical Unreviewed
CVE-2018-15389 was published May 13, 2022
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco... Critical Unreviewed
CVE-2018-15427 was published May 13, 2022
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server... Critical Unreviewed
CVE-2018-15720 was published May 13, 2022
NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard... Critical Unreviewed
CVE-2018-17894 was published May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an... Critical Unreviewed
CVE-2018-18998 was published May 13, 2022
IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a... Critical Unreviewed
CVE-2018-1742 was published May 13, 2022
IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2018-1818 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains... Critical Unreviewed
CVE-2018-1944 was published May 13, 2022
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems /... Critical Unreviewed
CVE-2018-4846 was published May 13, 2022
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,... Critical Unreviewed
CVE-2018-5399 was published May 13, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Critical Unreviewed
CVE-2018-5551 was published May 13, 2022
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an... Critical Unreviewed
CVE-2019-0020 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database