Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

599 advisories

Loading
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV... Critical Unreviewed
CVE-2018-18473 was published May 13, 2022
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super... Critical Unreviewed
CVE-2018-11682 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow... Critical Unreviewed
CVE-2018-11681 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)... Critical Unreviewed
CVE-2018-11629 was published May 14, 2022
web2py remote code execution via hardcoded encryption key in session.connect function Critical
CVE-2016-3953 was published for web2py (pip) May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default... Critical Unreviewed
CVE-2018-14324 was published May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded... Critical Unreviewed
CVE-2019-10479 was published May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02... Critical Unreviewed
CVE-2019-10011 was published May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which... Critical Unreviewed
CVE-2018-7800 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices... Critical Unreviewed
CVE-2018-12668 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An... Critical Unreviewed
CVE-2018-1000625 was published May 14, 2022
The server API in the Anda app relies on hardcoded credentials. Critical Unreviewed
CVE-2018-13342 was published May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android... Critical Unreviewed
CVE-2018-18006 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0680 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0681 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19063 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19067 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19069 was published May 14, 2022
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the... Critical Unreviewed
CVE-2018-16957 was published May 14, 2022
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,... Critical Unreviewed
CVE-2018-7241 was published May 14, 2022
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded... Critical Unreviewed
CVE-2017-12574 was published May 14, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard... Critical Unreviewed
CVE-2018-8856 was published May 14, 2022
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin... Critical Unreviewed
CVE-2017-12577 was published May 14, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on three... Critical Unreviewed
CVE-2017-9821 was published May 14, 2022
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user.... Critical Unreviewed
CVE-2018-15808 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database