Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

484 advisories

Loading
The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the... High Unreviewed
CVE-2019-15867 was published May 24, 2022
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the... High Unreviewed
CVE-2019-15745 was published May 24, 2022
The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for... High Unreviewed
CVE-2016-10928 was published May 24, 2022
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR... High Unreviewed
CVE-2019-9229 was published May 24, 2022
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could... High Unreviewed
CVE-2019-1919 was published May 24, 2022
Optergy Proton/Enterprise devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7279 was published May 24, 2022
Prima Systems FlexAir devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7672 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... High Unreviewed
CVE-2019-11947 was published May 24, 2022
A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR-0200H with firmware... High Unreviewed
CVE-2019-6812 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the... High Unreviewed
CVE-2019-10920 was published May 24, 2022
An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam... High Unreviewed
CVE-2018-4017 was published May 24, 2022
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded... High Unreviewed
CVE-2019-6548 was published May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed
CVE-2018-18978 was published May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed
CVE-2018-18979 was published May 24, 2022
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless... High Unreviewed
CVE-2018-4062 was published May 24, 2022
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by... High Unreviewed
CVE-2017-18374 was published May 24, 2022
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three... High Unreviewed
CVE-2017-18373 was published May 24, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames,... High Unreviewed
CVE-2019-3938 was published May 24, 2022
A weak default administrator password for the web interface and serial port was reported in some... High Unreviewed
CVE-2021-42850 was published May 19, 2022
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded... High Unreviewed
CVE-2012-6428 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via... High Unreviewed
CVE-2016-2948 was published May 17, 2022
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which... High Unreviewed
CVE-2016-10125 was published May 17, 2022
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The... High Unreviewed
CVE-2016-8361 was published May 17, 2022
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys... High Unreviewed
CVE-2016-8754 was published May 17, 2022
Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed
CVE-2017-7648 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database