Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,518
Maven
5,000+
npm
4,156
NuGet
736
pip
3,955
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Loading
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 3.6.1-std and 4.0.8-std devices. They... Critical Unreviewed
CVE-2020-13858 was published May 24, 2022
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the... High Unreviewed
CVE-2019-20471 was published May 24, 2022
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. High Unreviewed
CVE-2021-25863 was published May 24, 2022
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server... Critical Unreviewed
CVE-2020-6779 was published May 24, 2022
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8... High Unreviewed
CVE-2020-28999 was published May 24, 2022
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the... Critical Unreviewed
CVE-2020-28998 was published May 24, 2022
An attacker with local network access can obtain a fixed cryptography key which may allow for... High Unreviewed
CVE-2020-25173 was published May 24, 2022
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local... High Unreviewed
CVE-2021-1219 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN... Moderate Unreviewed
CVE-2020-27256 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET... Moderate Unreviewed
CVE-2020-28395 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2020-28391 was published May 24, 2022
Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx... Critical Unreviewed
CVE-2020-10210 was published May 24, 2022
Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx... Critical Unreviewed
CVE-2020-10207 was published May 24, 2022
Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series,... Moderate Unreviewed
CVE-2020-10206 was published May 24, 2022
Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which... Moderate Unreviewed
CVE-2020-29193 was published May 24, 2022
Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several... Critical Unreviewed
CVE-2020-8995 was published May 24, 2022
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If... High Unreviewed
CVE-2020-2499 was published May 24, 2022
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below.... Critical Unreviewed
CVE-2020-11720 was published May 24, 2022
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by... High Unreviewed
CVE-2020-25620 was published May 24, 2022
AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web... Critical Unreviewed
CVE-2019-14482 was published May 24, 2022
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local... Moderate Unreviewed
CVE-2020-0019 was published May 24, 2022
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local... High Unreviewed
CVE-2020-0016 was published May 24, 2022
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout... Critical Unreviewed
CVE-2020-35338 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... Moderate Unreviewed
CVE-2020-25231 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database