GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,327 advisories
Softing FG-100 PB PROFIBUS firmware version FG-x00-PB_V2.02.0.00 contains a hardcoded password...
Critical | Unreviewed | CVE-2014-6617 was published May 14, 2022
The IMM2 First Failure Data Capture function collects management module logs and diagnostic...
High | Unreviewed | CVE-2018-9068 was published May 14, 2022
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9...
Critical | Unreviewed | CVE-2018-10575 was published May 14, 2022
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service...
Critical | Unreviewed | CVE-2018-0038 was published May 14, 2022
Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the...
Critical | Unreviewed | CVE-2018-11641 was published May 14, 2022
Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account,...
High | Unreviewed | CVE-2018-10328 was published May 14, 2022
Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of...
Critical | Unreviewed | CVE-2018-12924 was published May 14, 2022
Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account. Remote...
Critical | Unreviewed | CVE-2018-12526 was published May 14, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. A password of EHLGVG is hard-coded...
High | Unreviewed | CVE-2018-12323 was published May 14, 2022
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of...
Critical | Unreviewed | CVE-2018-6213 was published May 14, 2022
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with...
Critical | Unreviewed | CVE-2014-3413 was published May 14, 2022
In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have...
High | Unreviewed | CVE-2018-10813 was published May 14, 2022
An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config...
High | Unreviewed | CVE-2018-10966 was published May 14, 2022
/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL...
Critical | Unreviewed | CVE-2018-11482 was published May 14, 2022
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO...
Critical | Unreviewed | CVE-2018-11311 was published May 14, 2022
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform...
Critical | Unreviewed | CVE-2018-11094 was published May 14, 2022
A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO...
Critical | Unreviewed | CVE-2018-9112 was published May 14, 2022
Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an...
Critical | Unreviewed | CVE-2018-6401 was published May 14, 2022
The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5...
High | Unreviewed | CVE-2018-10167 was published May 14, 2022
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to...
Critical | Unreviewed | CVE-2017-17539 was published May 14, 2022
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain...
Critical | Unreviewed | CVE-2017-17540 was published May 14, 2022
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT...
Critical | Unreviewed | CVE-2018-10723 was published May 14, 2022
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded...
Critical | Unreviewed | CVE-2018-9161 was published May 14, 2022
A remote, unauthenticated attacker can gain remote code execution on the Tenda AC15 router...
Critical | Unreviewed | CVE-2018-5768 was published May 14, 2022
Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection...
High | Unreviewed | CVE-2018-1206 was published May 14, 2022