GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,065
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,427
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
552 advisories
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version...
Critical
Unreviewed
CVE-2020-11857
was published
May 24, 2022
Arbitrary code execution vulnerability in Operation bridge Manager, Application Performance...
Critical
Unreviewed
CVE-2020-11854
was published
May 24, 2022
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is...
Critical
Unreviewed
CVE-2020-28329
was published
May 24, 2022
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC...
Critical
Unreviewed
CVE-2020-11483
was published
May 24, 2022
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An...
Critical
Unreviewed
CVE-2020-26879
was published
May 24, 2022
ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does...
Critical
Unreviewed
CVE-2021-36751
was published
Jan 3, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for...
Critical
Unreviewed
CVE-2021-27440
was published
May 24, 2022
In PEPPERL+FUCHS WirelessHART-Gateway 3.0.7 to 3.0.9 the SSH and telnet services are active with...
Critical
Unreviewed
CVE-2021-34565
was published
May 24, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard...
Critical
Unreviewed
CVE-2019-3918
was published
May 13, 2022
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root.
Critical
Unreviewed
CVE-2018-20955
was published
May 24, 2022
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056,...
Critical
Unreviewed
CVE-2022-30318
was published
Sep 1, 2022
A flaw in the Zyxel LTE3301-M209 firmware versions prior to V1.00(ABLG.6)C0 could allow a remote...
Critical
Unreviewed
CVE-2022-40602
was published
Nov 22, 2022
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet...
Critical
Unreviewed
CVE-2017-8415
was published
May 24, 2022
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
Critical
Unreviewed
CVE-2022-29645
was published
May 19, 2022
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
Critical
Unreviewed
CVE-2022-29644
was published
May 19, 2022
Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
Critical
Unreviewed
CVE-2019-7265
was published
May 24, 2022
Linear eMerge E3-Series devices have Hard-coded Credentials.
Critical
Unreviewed
CVE-2019-7261
was published
May 24, 2022
The affected products store both public and private key that are used to sign and protect Custom...
Critical
Unreviewed
CVE-2022-3927
was published
Jan 6, 2023
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is a hard coded password for root in /etc/shadow...
Critical
Unreviewed
CVE-2022-38823
was published
Sep 17, 2022
D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet...
Critical
Unreviewed
CVE-2018-20432
was published
May 24, 2022
Use of Hard-coded Credentials in AgileConfig.Client
Critical
CVE-2022-35540
was published
for
AgileConfig.Client
(NuGet)
Aug 19, 2022
ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for...
Critical
Unreviewed
CVE-2016-5081
was published
May 17, 2022
DEXIS Imaging Suite 10 has a hardcoded password for the sa account, which allows remote attackers...
Critical
Unreviewed
CVE-2016-6532
was published
May 17, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,...
Critical
Unreviewed
CVE-2022-28812
was published
Sep 29, 2022
AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which...
Critical
Unreviewed
CVE-2016-6535
was published
May 17, 2022