Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,154 advisories

Loading
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail... Critical Unreviewed
CVE-2017-3184 was published May 13, 2022
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA,... Critical Unreviewed
CVE-2017-6022 was published May 13, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all... Moderate Unreviewed
CVE-2017-6039 was published May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9... High Unreviewed
CVE-2017-6054 was published May 13, 2022
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally... High Unreviewed
CVE-2017-7537 was published May 13, 2022
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH... High Unreviewed
CVE-2017-7927 was published May 13, 2022
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069... Critical Unreviewed
CVE-2017-9656 was published May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9649 was published May 13, 2022
Juniper Networks Contrail Service Orchestrator versions prior to 4.0.0 use hardcoded... Critical Unreviewed
CVE-2018-0040 was published May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service... Critical Unreviewed
CVE-2018-0039 was published May 13, 2022
Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials... Critical Unreviewed
CVE-2018-0041 was published May 13, 2022
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an... High Unreviewed
CVE-2018-0141 was published May 13, 2022
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated... Critical Unreviewed
CVE-2018-0222 was published May 13, 2022
A vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an... Critical Unreviewed
CVE-2018-0375 was published May 13, 2022
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU... Critical Unreviewed
CVE-2018-10592 was published May 13, 2022
Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100 utilizes hard-coded... Critical Unreviewed
CVE-2018-10633 was published May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,... High Unreviewed
CVE-2018-14801 was published May 13, 2022
A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could... Critical Unreviewed
CVE-2018-15389 was published May 13, 2022
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco... Critical Unreviewed
CVE-2018-15427 was published May 13, 2022
Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server... Critical Unreviewed
CVE-2018-15720 was published May 13, 2022
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded... High Unreviewed
CVE-2018-15781 was published May 13, 2022
EasyLobby Solo contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17492 was published May 13, 2022
NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard... Critical Unreviewed
CVE-2018-17894 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... High Unreviewed
CVE-2018-17896 was published May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an... Moderate Unreviewed
CVE-2018-17919 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database