Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

421 advisories

Loading
Optergy Proton/Enterprise devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7279 was published May 24, 2022
Prima Systems FlexAir devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7672 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... High Unreviewed
CVE-2019-11947 was published May 24, 2022
A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR-0200H with firmware... High Unreviewed
CVE-2019-6812 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the... High Unreviewed
CVE-2019-10920 was published May 24, 2022
An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam... High Unreviewed
CVE-2018-4017 was published May 24, 2022
GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded... High Unreviewed
CVE-2019-6548 was published May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed
CVE-2018-18978 was published May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed
CVE-2018-18979 was published May 24, 2022
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless... High Unreviewed
CVE-2018-4062 was published May 24, 2022
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by... High Unreviewed
CVE-2017-18374 was published May 24, 2022
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three... High Unreviewed
CVE-2017-18373 was published May 24, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames,... High Unreviewed
CVE-2019-3938 was published May 24, 2022
A weak default administrator password for the web interface and serial port was reported in some... High Unreviewed
CVE-2021-42850 was published May 19, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via... High Unreviewed
CVE-2016-2948 was published May 17, 2022
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which... High Unreviewed
CVE-2016-10125 was published May 17, 2022
An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. The... High Unreviewed
CVE-2016-8361 was published May 17, 2022
Huawei OceanStor 5600 V3 V300R003C00 has a hardcoded SSH key vulnerability; the hardcoded keys... High Unreviewed
CVE-2016-8754 was published May 17, 2022
Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed
CVE-2017-7648 was published May 17, 2022
A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa... High Unreviewed
CVE-2017-9132 was published May 17, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users... High Unreviewed
CVE-2017-5167 was published May 17, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a... High Unreviewed
CVE-2017-9488 was published May 17, 2022
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an... High Unreviewed
CVE-2017-2283 was published May 17, 2022
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an... High Unreviewed
CVE-2017-2280 was published May 17, 2022
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted... High Unreviewed
CVE-2017-5230 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database