Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,... Critical Unreviewed
CVE-2018-5399 was published May 13, 2022
A reliance on a static, hard-coded credential in the design of the cloud-based storage system of... High Unreviewed
CVE-2018-5560 was published May 13, 2022
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server... Critical Unreviewed
CVE-2018-15720 was published May 13, 2022
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco... Critical Unreviewed
CVE-2018-15427 was published May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,... High Unreviewed
CVE-2018-14801 was published May 13, 2022
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could... Critical Unreviewed
CVE-2018-15389 was published May 13, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated... Critical Unreviewed
CVE-2018-0222 was published May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials... Critical Unreviewed
CVE-2018-0041 was published May 13, 2022
NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard... Critical Unreviewed
CVE-2018-17894 was published May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an... Critical Unreviewed
CVE-2018-18998 was published May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an... Moderate Unreviewed
CVE-2018-17919 was published May 13, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12501 was published May 24, 2022
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded... Critical Unreviewed
CVE-2018-0040 was published May 13, 2022
go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key. Critical Unreviewed
CVE-2022-42980 was published Oct 17, 2022
The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on... Critical Unreviewed
CVE-2017-2343 was published May 13, 2022
GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are... Critical Unreviewed
CVE-2017-14006 was published May 13, 2022
GE GEMNet License server (EchoServer) all current versions are affected these devices use default... Critical Unreviewed
CVE-2017-14004 was published May 13, 2022
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded... Critical Unreviewed
CVE-2018-10633 was published May 13, 2022
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0,... Moderate Unreviewed
CVE-2017-12709 was published May 13, 2022
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU... Critical Unreviewed
CVE-2018-10592 was published May 13, 2022
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an... Critical Unreviewed
CVE-2018-0375 was published May 13, 2022
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4,... Critical Unreviewed
CVE-2017-14027 was published May 13, 2022
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an... High Unreviewed
CVE-2017-12350 was published May 13, 2022
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key... High Unreviewed
CVE-2017-13107 was published May 13, 2022
Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-10-03, iOS application uses... High Unreviewed
CVE-2017-13101 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database