GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,233
Erlang: 31
GitHub Actions: 20
Go: 1,992
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,346
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
543 advisories
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file...
Critical | Unreviewed | CVE-2018-7047 was published May 13, 2022

The trove service user in (1) Openstack deployment (aka crowbar-openstack) and (2) Trove Barclamp...
Critical | Unreviewed | CVE-2016-6829 was published May 13, 2022

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated,...
Critical | Unreviewed | CVE-2018-15439 was published May 13, 2022

Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms...
Critical | Unreviewed | CVE-2018-11635 was published May 13, 2022

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private...
Critical | Unreviewed | CVE-2018-16158 was published May 13, 2022

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to...
Critical | Unreviewed | CVE-2018-18008 was published May 13, 2022

The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028...
Critical | Unreviewed | CVE-2019-8950 was published May 13, 2022

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log...
Critical | Unreviewed | CVE-2018-0150 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard...
Critical | Unreviewed | CVE-2019-3918 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an...
Critical | Unreviewed | CVE-2019-0022 was published May 13, 2022

Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an...
Critical | Unreviewed | CVE-2019-0020 was published May 13, 2022

Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4...
Critical | Unreviewed | CVE-2018-5551 was published May 13, 2022

The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,...
Critical | Unreviewed | CVE-2018-5399 was published May 13, 2022

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems /...
Critical | Unreviewed | CVE-2018-4846 was published May 13, 2022

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains...
Critical | Unreviewed | CVE-2018-1944 was published May 13, 2022

IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or...
Critical | Unreviewed | CVE-2018-1818 was published May 13, 2022

IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a...
Critical | Unreviewed | CVE-2018-1742 was published May 13, 2022

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an...
Critical | Unreviewed | CVE-2018-18998 was published May 13, 2022

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard...
Critical | Unreviewed | CVE-2018-17894 was published May 13, 2022

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server...
Critical | Unreviewed | CVE-2018-15720 was published May 13, 2022

A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco...
Critical | Unreviewed | CVE-2018-15427 was published May 13, 2022

A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could...
Critical | Unreviewed | CVE-2018-15389 was published May 13, 2022

Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded...
Critical | Unreviewed | CVE-2018-10633 was published May 13, 2022

Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU...
Critical | Unreviewed | CVE-2018-10592 was published May 13, 2022

A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an...
Critical | Unreviewed | CVE-2018-0375 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.