Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

426 advisories

Loading
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. High Unreviewed
CVE-2016-10179 was published May 13, 2022
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation... High Unreviewed
CVE-2017-12239 was published May 13, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a... High Unreviewed
CVE-2018-1959 was published May 13, 2022
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port... High Unreviewed
CVE-2019-3906 was published May 13, 2022
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to... High Unreviewed
CVE-2019-3908 was published May 13, 2022
A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could... High Unreviewed
CVE-2019-1688 was published May 13, 2022
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an... High Unreviewed
CVE-2019-1675 was published May 13, 2022
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952... High Unreviewed
CVE-2018-8870 was published May 13, 2022
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4... High Unreviewed
CVE-2018-8857 was published May 13, 2022
A reliance on a static, hard-coded credential in the design of the cloud-based storage system of... High Unreviewed
CVE-2018-5560 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains... High Unreviewed
CVE-2018-1887 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... High Unreviewed
CVE-2018-17896 was published May 13, 2022
EasyLobby Solo contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17492 was published May 13, 2022
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded... High Unreviewed
CVE-2018-15781 was published May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,... High Unreviewed
CVE-2018-14801 was published May 13, 2022
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an... High Unreviewed
CVE-2018-0141 was published May 13, 2022
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH... High Unreviewed
CVE-2017-7927 was published May 13, 2022
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally... High Unreviewed
CVE-2017-7537 was published May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9... High Unreviewed
CVE-2017-6054 was published May 13, 2022
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a... High Unreviewed
CVE-2017-13108 was published May 13, 2022
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android... High Unreviewed
CVE-2017-13106 was published May 13, 2022
Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS application uses a hard... High Unreviewed
CVE-2017-13102 was published May 13, 2022
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key... High Unreviewed
CVE-2017-13107 was published May 13, 2022
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for... High Unreviewed
CVE-2017-13100 was published May 13, 2022
Musical.ly Inc., musical.ly - your video social network, 6.1.6, 2017-10-03, iOS application uses... High Unreviewed
CVE-2017-13101 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database