GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,120 advisories
Filter by severity
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV...
Critical
Unreviewed
CVE-2018-18473
was published
May 13, 2022
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and...
High
Unreviewed
CVE-2022-1701
was published
May 14, 2022
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super...
Critical
Unreviewed
CVE-2018-11682
was published
May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow...
Critical
Unreviewed
CVE-2018-11681
was published
May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)...
Critical
Unreviewed
CVE-2018-11629
was published
May 14, 2022
web2py remote code execution via hardcoded encryption key in session.connect function
Critical
CVE-2016-3953
was published
for
web2py
(pip)
May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default...
Critical
Unreviewed
CVE-2018-14324
was published
May 14, 2022
Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01.86 and earlier, including...
High
Unreviewed
CVE-2017-3762
was published
May 14, 2022
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data...
High
Unreviewed
CVE-2019-9975
was published
May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded...
Critical
Unreviewed
CVE-2019-10479
was published
May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02...
Critical
Unreviewed
CVE-2019-10011
was published
May 14, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful...
High
Unreviewed
CVE-2018-20219
was published
May 14, 2022
The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to...
High
Unreviewed
CVE-2018-9149
was published
May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which...
Critical
Unreviewed
CVE-2018-7800
was published
May 14, 2022
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4...
High
Unreviewed
CVE-2019-6499
was published
May 14, 2022
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the...
High
Unreviewed
CVE-2018-16186
was published
May 14, 2022
An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH...
High
Unreviewed
CVE-2018-10532
was published
May 14, 2022
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts...
High
Unreviewed
CVE-2018-11062
was published
May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical
Unreviewed
CVE-2018-12668
was published
May 14, 2022
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and...
High
Unreviewed
CVE-2018-16201
was published
May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An...
Critical
Unreviewed
CVE-2018-1000625
was published
May 14, 2022
The server API in the Anda app relies on hardcoded credentials.
Critical
Unreviewed
CVE-2018-13342
was published
May 14, 2022
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code...
High
Unreviewed
CVE-2018-19233
was published
May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android...
Critical
Unreviewed
CVE-2018-18006
was published
May 14, 2022
A vulnerability in the configuration of a local database installed as part of the Cisco Energy...
High
Unreviewed
CVE-2018-0468
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API