Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,152
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded... High Unreviewed
CVE-2019-6548 was published May 24, 2022
An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam... High Unreviewed
CVE-2018-4017 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the... High Unreviewed
CVE-2019-10920 was published May 24, 2022
By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting... Critical Unreviewed
CVE-2019-8352 was published May 24, 2022
A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR-0200H with firmware... High Unreviewed
CVE-2019-6812 was published May 24, 2022
Computrols CBAS 18.0.0 has Default Credentials. Critical Unreviewed
CVE-2019-10850 was published May 24, 2022
The rpWLANRedirect.asp ASP page is accessible without authentication on ZyXEL P-660HN-T1 V2 (2.00... Critical Unreviewed
CVE-2019-6725 was published May 24, 2022
An authentication bypass was found in an unknown area of the SiteOmat source code. All SiteOmat... Critical Unreviewed
CVE-2017-14728 was published May 24, 2022
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager... Moderate Unreviewed
CVE-2019-12376 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... High Unreviewed
CVE-2019-11947 was published May 24, 2022
Prima Systems FlexAir devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7672 was published May 24, 2022
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with... Critical Unreviewed
CVE-2019-12776 was published May 24, 2022
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain... Critical Unreviewed
CVE-2019-12549 was published May 24, 2022
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain... Critical Unreviewed
CVE-2019-12550 was published May 24, 2022
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the... Critical Unreviewed
CVE-2019-12920 was published May 24, 2022
The ABB HMI components implement hidden administrative accounts that are used during the... Moderate Unreviewed
CVE-2019-7225 was published May 24, 2022
SICK MSC800 all versions prior to Version 4.0, the affected firmware versions contain a hard... Critical Unreviewed
CVE-2019-10979 was published May 24, 2022
Optergy Proton/Enterprise devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7279 was published May 24, 2022
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet... Critical Unreviewed
CVE-2017-8415 was published May 24, 2022
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in... Critical Unreviewed
CVE-2017-8226 was published May 24, 2022
Invoxia NVX220 devices allow TELNET access as admin with a default password. Critical Unreviewed
CVE-2018-14528 was published May 24, 2022
WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic secret for generating... Critical Unreviewed
CVE-2019-13352 was published May 24, 2022
Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed
CVE-2019-13399 was published May 24, 2022
Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded username and password... Critical Unreviewed
CVE-2019-3950 was published May 24, 2022
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could... High Unreviewed
CVE-2019-1919 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database