GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,006
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,065
Maven 5,241
npm 3,744
NuGet 668
pip 3,425
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,043

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Filter by severity

Sort by

Least recently updated

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,... Critical Unreviewed

CVE-2018-5399 was published May 13, 2022

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Critical Unreviewed

CVE-2018-5551 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an... Critical Unreviewed

CVE-2019-0022 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an... Critical Unreviewed

CVE-2019-0020 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard... Critical Unreviewed

CVE-2019-3918 was published May 13, 2022

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log... Critical Unreviewed

CVE-2018-0150 was published May 13, 2022

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028... Critical Unreviewed

CVE-2019-8950 was published May 13, 2022

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to... Critical Unreviewed

CVE-2018-18008 was published May 13, 2022

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private... Critical Unreviewed

CVE-2018-16158 was published May 13, 2022

Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms... Critical Unreviewed

CVE-2018-11635 was published May 13, 2022

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated,... Critical Unreviewed

CVE-2018-15439 was published May 13, 2022

The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp... Critical Unreviewed

CVE-2016-6829 was published May 13, 2022

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file... Critical Unreviewed

CVE-2018-7047 was published May 13, 2022

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an... Critical Unreviewed

CVE-2019-1723 was published May 13, 2022

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative... Critical Unreviewed

CVE-2017-3222 was published May 13, 2022

General Electric (GE) Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware before 5... Critical Unreviewed

CVE-2016-2310 was published May 13, 2022

dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to... Critical Unreviewed

CVE-2018-18009 was published May 13, 2022

D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded... Critical Unreviewed

CVE-2018-6210 was published May 13, 2022

atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin... Critical Unreviewed

CVE-2018-18007 was published May 13, 2022

An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services... Critical Unreviewed

CVE-2016-10177 was published May 13, 2022

Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have... Critical Unreviewed

CVE-2016-10307 was published May 13, 2022

Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga <= 2.6.1, GigaLynx... Critical Unreviewed

CVE-2016-10305 was published May 13, 2022

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may... Critical Unreviewed

CVE-2017-10818 was published May 13, 2022

iball Baton 150M iB-WRA150N v1 00000001 1.2.6 build 110401 Rel.47776n devices are prone to an... Critical Unreviewed

CVE-2017-6558 was published May 13, 2022

DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username... Critical Unreviewed

CVE-2017-7576 was published May 13, 2022

Previous 1 2 … 18 19 20 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

537 advisories