GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,840

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

522 advisories

Filter by severity

Sort by

Least recently updated

Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials... Critical Unreviewed

CVE-2018-0041 was published May 13, 2022

Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded... Critical Unreviewed

CVE-2018-0040 was published May 13, 2022

Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service... Critical Unreviewed

CVE-2018-0039 was published May 13, 2022

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069... Critical Unreviewed

CVE-2017-9656 was published May 13, 2022

A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA,... Critical Unreviewed

CVE-2017-6022 was published May 13, 2022

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use... Critical Unreviewed

CVE-2017-3186 was published May 13, 2022

ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail... Critical Unreviewed

CVE-2017-3184 was published May 13, 2022

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on... Critical Unreviewed

CVE-2017-2343 was published May 13, 2022

A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4,... Critical Unreviewed

CVE-2017-14027 was published May 13, 2022

GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are... Critical Unreviewed

CVE-2017-14006 was published May 13, 2022

GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these... Critical Unreviewed

CVE-2017-14008 was published May 13, 2022

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version... Critical Unreviewed

CVE-2017-14021 was published May 13, 2022

GE GEMNet License server (EchoServer) all current versions are affected these devices use default... Critical Unreviewed

CVE-2017-14004 was published May 13, 2022

GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these... Critical Unreviewed

CVE-2017-14002 was published May 13, 2022

A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal... Critical Unreviewed

CVE-2016-9358 was published May 13, 2022

A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed... Critical Unreviewed

CVE-2016-9335 was published May 13, 2022

Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior,... Critical Unreviewed

CVE-2015-3953 was published May 13, 2022

Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module ... Critical Unreviewed

CVE-2014-5434 was published May 13, 2022

An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512... Critical Unreviewed

CVE-2017-11632 was published May 13, 2022

The Epson "EasyMP" software is designed to remotely stream a users computer to supporting... Critical Unreviewed

CVE-2017-12860 was published May 13, 2022

EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a... Critical Unreviewed

CVE-2017-4976 was published May 13, 2022

The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to... Critical Unreviewed

CVE-2017-5600 was published May 13, 2022

** DISPUTED ** An Incorrect Password Management issue was discovered in SMA Solar Technology... Critical Unreviewed

CVE-2017-9852 was published May 13, 2022

ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the... Critical Unreviewed

CVE-2018-11509 was published May 13, 2022

A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV... Critical Unreviewed

CVE-2018-18473 was published May 13, 2022

Previous 1 2 3 4 5 6 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

522 advisories