Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior... Critical Unreviewed
CVE-2017-9957 was published May 17, 2022
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. Critical Unreviewed
CVE-2017-11351 was published May 17, 2022
D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices have a hardcoded password of... Critical Unreviewed
CVE-2017-14421 was published May 17, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14422 was published May 17, 2022
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not... High Unreviewed
CVE-2017-14116 was published May 17, 2022
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root... Critical Unreviewed
CVE-2016-5678 was published May 17, 2022
Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. Critical Unreviewed
CVE-2014-8426 was published May 17, 2022
The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a... High Unreviewed
CVE-2017-6351 was published May 17, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7... High Unreviewed
CVE-2016-5816 was published May 17, 2022
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users... Moderate Unreviewed
CVE-2010-2772 was published May 17, 2022
auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, ... Moderate Unreviewed
CVE-2010-2073 was published May 17, 2022
VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys... Critical Unreviewed
CVE-2016-5333 was published May 17, 2022
MEDHOST Document Management System contains hard-coded credentials that are used for customer... Critical Unreviewed
CVE-2017-11693 was published May 17, 2022
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr... Critical Unreviewed
CVE-2017-11694 was published May 17, 2022
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer... Critical Unreviewed
CVE-2017-11743 was published May 17, 2022
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted... High Unreviewed
CVE-2017-5230 was published May 17, 2022
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an... High Unreviewed
CVE-2017-2280 was published May 17, 2022
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an... High Unreviewed
CVE-2017-2283 was published May 17, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is... Critical Unreviewed
CVE-2017-11129 was published May 17, 2022
Backup archives were found to be encrypted with a static password across different installations,... Critical Unreviewed
CVE-2017-11380 was published May 17, 2022
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An... Critical Unreviewed
CVE-2017-11614 was published May 17, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a... High Unreviewed
CVE-2017-9488 was published May 17, 2022
A hard-coded account named 'upgrade' in Fortinet FortiWLM 8.3.0 and lower versions allows a... Critical Unreviewed
CVE-2017-7336 was published May 17, 2022
Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb has a default password of admin for... Critical Unreviewed
CVE-2017-9932 was published May 17, 2022
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM... Critical Unreviewed
CVE-2017-2236 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database