GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
537 advisories
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4...
Critical | Unreviewed | CVE-2018-0680 was published May 14, 2022
Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android...
Critical | Unreviewed | CVE-2018-18006 was published May 14, 2022
The server API in the Anda app relies on hardcoded credentials.
Critical | Unreviewed | CVE-2018-13342 was published May 14, 2022
Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An...
Critical | Unreviewed | CVE-2018-1000625 was published May 14, 2022
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices...
Critical | Unreviewed | CVE-2018-12668 was published May 14, 2022
A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which...
Critical | Unreviewed | CVE-2018-7800 was published May 14, 2022
ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campus Solution) before 2019-02...
Critical | Unreviewed | CVE-2019-10011 was published May 14, 2022
An issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded...
Critical | Unreviewed | CVE-2019-10479 was published May 14, 2022
The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default...
Critical | Unreviewed | CVE-2018-14324 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:lutron password:integration)...
Critical | Unreviewed | CVE-2018-11629 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials (user:nwk password:nwk2) allow...
Critical | Unreviewed | CVE-2018-11681 was published May 14, 2022
** DISPUTED ** Default and unremovable support credentials allow attackers to gain total super...
Critical | Unreviewed | CVE-2018-11682 was published May 14, 2022
A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV...
Critical | Unreviewed | CVE-2018-18473 was published May 13, 2022
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the...
Critical | Unreviewed | CVE-2018-11509 was published May 13, 2022
** DISPUTED ** An Incorrect Password Management issue was discovered in SMA Solar Technology...
Critical | Unreviewed | CVE-2017-9852 was published May 13, 2022
The Data Warehouse component in NetApp OnCommand Insight before 7.2.3 allows remote attackers to...
Critical | Unreviewed | CVE-2017-5600 was published May 13, 2022
EMC ESRS Policy Manager prior to 6.8 contains an undocumented account (OpenDS admin) with a...
Critical | Unreviewed | CVE-2017-4976 was published May 13, 2022
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting...
Critical | Unreviewed | CVE-2017-12860 was published May 13, 2022
An issue was discovered on Wireless IP Camera 360 devices. A root account with a known SHA-512...
Critical | Unreviewed | CVE-2017-11632 was published May 13, 2022
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module ...
Critical | Unreviewed | CVE-2014-5434 was published May 13, 2022
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior,...
Critical | Unreviewed | CVE-2015-3953 was published May 13, 2022
A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal...
Critical | Unreviewed | CVE-2016-9358 was published May 13, 2022
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed...
Critical | Unreviewed | CVE-2016-9335 was published May 13, 2022
GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these...
Critical | Unreviewed | CVE-2017-14002 was published May 13, 2022
GE GEMNet License server (EchoServer) all current versions are affected these devices use default...
Critical | Unreviewed | CVE-2017-14004 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.