Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

522 advisories

Loading
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super... Critical Unreviewed
CVE-2018-11682 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow... Critical Unreviewed
CVE-2018-11681 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)... Critical Unreviewed
CVE-2018-11629 was published May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default... Critical Unreviewed
CVE-2018-14324 was published May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded... Critical Unreviewed
CVE-2019-10479 was published May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02... Critical Unreviewed
CVE-2019-10011 was published May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which... Critical Unreviewed
CVE-2018-7800 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices... Critical Unreviewed
CVE-2018-12668 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An... Critical Unreviewed
CVE-2018-1000625 was published May 14, 2022
The server API in the Anda app relies on hardcoded credentials. Critical Unreviewed
CVE-2018-13342 was published May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android... Critical Unreviewed
CVE-2018-18006 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0681 was published May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4... Critical Unreviewed
CVE-2018-0680 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19063 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19067 was published May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application... Critical Unreviewed
CVE-2018-19069 was published May 14, 2022
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the... Critical Unreviewed
CVE-2018-16957 was published May 14, 2022
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,... Critical Unreviewed
CVE-2018-7241 was published May 14, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard... Critical Unreviewed
CVE-2018-8856 was published May 14, 2022
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded... Critical Unreviewed
CVE-2017-12574 was published May 14, 2022
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin... Critical Unreviewed
CVE-2017-12577 was published May 14, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on three... Critical Unreviewed
CVE-2017-9821 was published May 14, 2022
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user.... Critical Unreviewed
CVE-2018-15808 was published May 14, 2022
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default... Critical Unreviewed
CVE-2018-14943 was published May 14, 2022
Multiple hardcoded credentials in Xsuite 2.x. Critical Unreviewed
CVE-2015-4667 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database