GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
552 advisories
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials...
Critical | Unreviewed | CVE-2018-0041 was published May 13, 2022

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated...
Critical | Unreviewed | CVE-2018-0222 was published May 13, 2022

A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an...
Critical | Unreviewed | CVE-2018-0375 was published May 13, 2022

Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU...
Critical | Unreviewed | CVE-2018-10592 was published May 13, 2022

Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded...
Critical | Unreviewed | CVE-2018-10633 was published May 13, 2022

A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could...
Critical | Unreviewed | CVE-2018-15389 was published May 13, 2022

A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco...
Critical | Unreviewed | CVE-2018-15427 was published May 13, 2022

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server...
Critical | Unreviewed | CVE-2018-15720 was published May 13, 2022

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard...
Critical | Unreviewed | CVE-2018-17894 was published May 13, 2022

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an...
Critical | Unreviewed | CVE-2018-18998 was published May 13, 2022

IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a...
Critical | Unreviewed | CVE-2018-1742 was published May 13, 2022

IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or...
Critical | Unreviewed | CVE-2018-1818 was published May 13, 2022

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains...
Critical | Unreviewed | CVE-2018-1944 was published May 13, 2022

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems /...
Critical | Unreviewed | CVE-2018-4846 was published May 13, 2022

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,...
Critical | Unreviewed | CVE-2018-5399 was published May 13, 2022

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4...
Critical | Unreviewed | CVE-2018-5551 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an...
Critical | Unreviewed | CVE-2019-0020 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an...
Critical | Unreviewed | CVE-2019-0022 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard...
Critical | Unreviewed | CVE-2019-3918 was published May 13, 2022

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log...
Critical | Unreviewed | CVE-2018-0150 was published May 13, 2022

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028...
Critical | Unreviewed | CVE-2019-8950 was published May 13, 2022

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to...
Critical | Unreviewed | CVE-2018-18008 was published May 13, 2022

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private...
Critical | Unreviewed | CVE-2018-16158 was published May 13, 2022

Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms...
Critical | Unreviewed | CVE-2018-11635 was published May 13, 2022

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated,...
Critical | Unreviewed | CVE-2018-15439 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API