Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,427
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Loading
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account. Critical Unreviewed
CVE-2017-11351 was published May 17, 2022
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior... Critical Unreviewed
CVE-2017-9957 was published May 17, 2022
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default)... Critical Unreviewed
CVE-2017-8771 was published May 17, 2022
On BE126 WIFI repeater 1.0 devices, an attacker can log into telnet (which is open by default)... Critical Unreviewed
CVE-2017-8772 was published May 17, 2022
A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all... Critical Unreviewed
CVE-2017-12928 was published May 17, 2022
The SMI-S service in Dell Storage Manager versions earlier than 16.3.20 (aka 2016 R3.20) is... Critical Unreviewed
CVE-2017-14374 was published May 14, 2022
Zivif PR115-204-P-RS V2.3.4.2103 web cameras contain a hard-coded cat1029 password for the root... Critical Unreviewed
CVE-2017-17107 was published May 14, 2022
The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to... Critical Unreviewed
CVE-2017-14143 was published May 14, 2022
TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of... Critical Unreviewed
CVE-2014-8579 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. Critical Unreviewed
CVE-2018-5723 was published May 14, 2022
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote... Critical Unreviewed
CVE-2017-1204 was published May 14, 2022
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the... Critical Unreviewed
CVE-2018-6387 was published May 14, 2022
An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a... Critical Unreviewed
CVE-2018-6825 was published May 14, 2022
IBM XIV Storage System 2810-A14 and 2812-A14 devices before level 10.2.4.e-2 and 2810-114 and... Critical Unreviewed
CVE-2012-2166 was published May 14, 2022
backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@#... Critical Unreviewed
CVE-2014-3205 was published May 14, 2022
Datto ALTO and SIRIS devices have a default VNC password. Critical Unreviewed
CVE-2015-9254 was published May 14, 2022
An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover a weakly... Critical Unreviewed
CVE-2017-11634 was published May 14, 2022
A hard-coded password vulnerability was discovered in vApp Manager which is embedded in Dell EMC... Critical Unreviewed
CVE-2018-1216 was published May 14, 2022
EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains... Critical Unreviewed
CVE-2017-8013 was published May 14, 2022
A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router... Critical Unreviewed
CVE-2018-5768 was published May 14, 2022
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded... Critical Unreviewed
CVE-2018-9161 was published May 14, 2022
Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT... Critical Unreviewed
CVE-2018-10723 was published May 14, 2022
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain... Critical Unreviewed
CVE-2017-17540 was published May 14, 2022
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to... Critical Unreviewed
CVE-2017-17539 was published May 14, 2022
Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an... Critical Unreviewed
CVE-2018-6401 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database