Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,120 advisories

Loading
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV... Critical Unreviewed
CVE-2018-18473 was published May 13, 2022
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and... High Unreviewed
CVE-2022-1701 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super... Critical Unreviewed
CVE-2018-11682 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow... Critical Unreviewed
CVE-2018-11681 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)... Critical Unreviewed
CVE-2018-11629 was published May 14, 2022
web2py remote code execution via hardcoded encryption key in session.connect function Critical
CVE-2016-3953 was published for web2py (pip) May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default... Critical Unreviewed
CVE-2018-14324 was published May 14, 2022
Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01.86 and earlier, including... High Unreviewed
CVE-2017-3762 was published May 14, 2022
DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for logs encryption. Data... High Unreviewed
CVE-2019-9975 was published May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded... Critical Unreviewed
CVE-2019-10479 was published May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02... Critical Unreviewed
CVE-2019-10011 was published May 14, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful... High Unreviewed
CVE-2018-20219 was published May 14, 2022
The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to... High Unreviewed
CVE-2018-9149 was published May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which... Critical Unreviewed
CVE-2018-7800 was published May 14, 2022
Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4... High Unreviewed
CVE-2019-6499 was published May 14, 2022
RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the... High Unreviewed
CVE-2018-16186 was published May 14, 2022
An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH... High Unreviewed
CVE-2018-10532 was published May 14, 2022
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts... High Unreviewed
CVE-2018-11062 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices... Critical Unreviewed
CVE-2018-12668 was published May 14, 2022
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and... High Unreviewed
CVE-2018-16201 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An... Critical Unreviewed
CVE-2018-1000625 was published May 14, 2022
The server API in the Anda app relies on hardcoded credentials. Critical Unreviewed
CVE-2018-13342 was published May 14, 2022
COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code... High Unreviewed
CVE-2018-19233 was published May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android... Critical Unreviewed
CVE-2018-18006 was published May 14, 2022
A vulnerability in the configuration of a local database installed as part of the Cisco Energy... High Unreviewed
CVE-2018-0468 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API