Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
In some circumstances, an F5 BIG-IP version 12.0.0 to 12.1.2 and 13.0.0 Azure cloud instance may... Critical Unreviewed
CVE-2017-6131 was published May 17, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users... High Unreviewed
CVE-2017-5167 was published May 17, 2022
The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin"... Critical Unreviewed
CVE-2016-0726 was published May 17, 2022
A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa... High Unreviewed
CVE-2017-9132 was published May 17, 2022
Wireless IP Camera (P2P) WIFICAM devices have a backdoor root account that can be accessed with... Critical Unreviewed
CVE-2017-8224 was published May 17, 2022
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of... Critical Unreviewed
CVE-2015-7246 was published May 17, 2022
ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the... Critical Unreviewed
CVE-2016-1560 was published May 17, 2022
Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed
CVE-2017-7648 was published May 17, 2022
Philips In.Sight B120/37 has a password of b120root for the backdoor root account, a password of ... Critical Unreviewed
CVE-2015-2882 was published May 17, 2022
iBaby M3S has a password of admin for the backdoor admin account. Critical Unreviewed
CVE-2015-2887 was published May 17, 2022
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for... Critical Unreviewed
CVE-2015-2885 was published May 17, 2022
Gynoii has a password of guest for the backdoor guest account and a password of 12345 for the... Critical Unreviewed
CVE-2015-2881 was published May 17, 2022
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys... High Unreviewed
CVE-2016-8754 was published May 17, 2022
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account,... Critical Unreviewed
CVE-2016-10308 was published May 17, 2022
Trango Altum AC600 devices have a built-in, hidden root account, with a default password of... Critical Unreviewed
CVE-2016-10306 was published May 17, 2022
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0.... Critical Unreviewed
CVE-2017-6403 was published May 17, 2022
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded... Critical Unreviewed
CVE-2016-8567 was published May 17, 2022
The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain... Critical Unreviewed
CVE-2016-8491 was published May 17, 2022
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The... High Unreviewed
CVE-2016-8361 was published May 17, 2022
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older.... Critical Unreviewed
CVE-2016-5818 was published May 17, 2022
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to... Critical Unreviewed
CVE-2016-8954 was published May 17, 2022
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which... High Unreviewed
CVE-2016-10125 was published May 17, 2022
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8... Critical Unreviewed
CVE-2016-10115 was published May 17, 2022
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote... Critical Unreviewed
CVE-2015-2867 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via... High Unreviewed
CVE-2016-2948 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database