Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a... High Unreviewed
CVE-2018-1959 was published May 13, 2022
HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows... Critical Unreviewed
CVE-2021-26611 was published Nov 27, 2021
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is... Moderate Unreviewed
CVE-2021-43282 was published Dec 1, 2021
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets... High Unreviewed
CVE-2021-43284 was published Dec 1, 2021
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028... Critical Unreviewed
CVE-2019-8950 was published May 13, 2022
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may... High Unreviewed
CVE-2021-26108 was published Dec 9, 2021
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS... High Unreviewed
CVE-2021-41028 was published Dec 17, 2021
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation... Moderate Unreviewed
CVE-2018-12240 was published May 13, 2022
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log... Critical Unreviewed
CVE-2018-0150 was published May 13, 2022
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an... Critical Unreviewed
CVE-2019-0020 was published May 13, 2022
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4... High Unreviewed
CVE-2018-8857 was published May 13, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Critical Unreviewed
CVE-2018-5551 was published May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass... Moderate Unreviewed
CVE-2018-1650 was published May 13, 2022
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems /... Critical Unreviewed
CVE-2018-4846 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains... Critical Unreviewed
CVE-2018-1944 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains... High Unreviewed
CVE-2018-1887 was published May 13, 2022
IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2018-1818 was published May 13, 2022
IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a... Critical Unreviewed
CVE-2018-1742 was published May 13, 2022
A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could... High Unreviewed
CVE-2019-1688 was published May 13, 2022
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an... High Unreviewed
CVE-2019-1675 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... High Unreviewed
CVE-2018-17896 was published May 13, 2022
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an... Critical Unreviewed
CVE-2019-0022 was published May 13, 2022
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded... High Unreviewed
CVE-2018-15781 was published May 13, 2022
EasyLobby Solo contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17492 was published May 13, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Low Unreviewed
CVE-2018-5552 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database