GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
522 advisories
Filter by severity
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super...
Critical
Unreviewed
CVE-2018-11682
was published
May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow...
Critical
Unreviewed
CVE-2018-11681
was published
May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)...
Critical
Unreviewed
CVE-2018-11629
was published
May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default...
Critical
Unreviewed
CVE-2018-14324
was published
May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded...
Critical
Unreviewed
CVE-2019-10479
was published
May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02...
Critical
Unreviewed
CVE-2019-10011
was published
May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which...
Critical
Unreviewed
CVE-2018-7800
was published
May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical
Unreviewed
CVE-2018-12668
was published
May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An...
Critical
Unreviewed
CVE-2018-1000625
was published
May 14, 2022
The server API in the Anda app relies on hardcoded credentials.
Critical
Unreviewed
CVE-2018-13342
was published
May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android...
Critical
Unreviewed
CVE-2018-18006
was published
May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4...
Critical
Unreviewed
CVE-2018-0681
was published
May 14, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4...
Critical
Unreviewed
CVE-2018-0680
was published
May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical
Unreviewed
CVE-2018-19063
was published
May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical
Unreviewed
CVE-2018-19067
was published
May 14, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Critical
Unreviewed
CVE-2018-19069
was published
May 14, 2022
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the...
Critical
Unreviewed
CVE-2018-16957
was published
May 14, 2022
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340,...
Critical
Unreviewed
CVE-2018-7241
was published
May 14, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard...
Critical
Unreviewed
CVE-2018-8856
was published
May 14, 2022
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. A hardcoded...
Critical
Unreviewed
CVE-2017-12574
was published
May 14, 2022
An issue was discovered on the PLANEX CS-QR20 1.30. A hardcoded account / password ("admin...
Critical
Unreviewed
CVE-2017-12577
was published
May 14, 2022
The National Payments Corporation of India BHIM application 1.3 for Android relies on three...
Critical
Unreviewed
CVE-2017-9821
was published
May 14, 2022
POSIM EVO 15.13 for Windows includes hardcoded database credentials for the "root" database user....
Critical
Unreviewed
CVE-2018-15808
was published
May 14, 2022
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default...
Critical
Unreviewed
CVE-2018-14943
was published
May 14, 2022
Multiple hardcoded credentials in Xsuite 2.x.
Critical
Unreviewed
CVE-2015-4667
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API