GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,327 advisories
The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0,...
Critical | Unreviewed | CVE-2016-7560 was published May 17, 2022

Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and...
Critical | Unreviewed | CVE-2016-6530 was published May 17, 2022

DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers...
Critical | Unreviewed | CVE-2016-6532 was published May 17, 2022

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which...
Critical | Unreviewed | CVE-2016-6535 was published May 17, 2022

ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for...
Critical | Unreviewed | CVE-2016-5081 was published May 17, 2022

Katello uses hard coded credential
Critical | CVE-2012-3503 was published for katello (RubyGems) May 17, 2022

Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded...
High | Unreviewed | CVE-2012-6428 was published May 17, 2022

mcollective has a default password set at install
Critical | Unreviewed | CVE-2014-0175 was published May 17, 2022

A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage...
Moderate | Unreviewed | CVE-2021-42849 was published May 19, 2022

A weak default administrator password for the web interface and serial port was reported in some...
High | Unreviewed | CVE-2021-42850 was published May 19, 2022

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
Critical | Unreviewed | CVE-2022-29644 was published May 19, 2022

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
Critical | Unreviewed | CVE-2022-29645 was published May 19, 2022

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account...
Critical | Unreviewed | CVE-2019-9160 was published May 24, 2022

VVX products using UCS software version 5.8.0 and earlier with Better Together over Ethernet...
Moderate | Unreviewed | CVE-2019-10688 was published May 24, 2022

Deltek Vision 7.x before 7.6 permits the execution of any attacker supplied SQL statement through...
Critical | Unreviewed | CVE-2018-18251 was published May 24, 2022

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to...
Critical | Unreviewed | CVE-2019-3932 was published May 24, 2022

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials...
Critical | Unreviewed | CVE-2019-3939 was published May 24, 2022

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames,...
High | Unreviewed | CVE-2019-3938 was published May 24, 2022

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by...
High | Unreviewed | CVE-2017-18374 was published May 24, 2022

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user...
Critical | Unreviewed | CVE-2017-18371 was published May 24, 2022

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three...
High | Unreviewed | CVE-2017-18373 was published May 24, 2022

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01...
High | Unreviewed | CVE-2018-18978 was published May 24, 2022

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01...
High | Unreviewed | CVE-2018-18979 was published May 24, 2022

A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless...
High | Unreviewed | CVE-2018-4062 was published May 24, 2022

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the ...
Critical | Unreviewed | CVE-2019-5021 was published May 24, 2022