GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,857

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

429 advisories

Filter by severity

Sort by

Least recently updated

Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952... High Unreviewed

CVE-2018-8870 was published May 13, 2022

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an... High Unreviewed

CVE-2019-1675 was published May 13, 2022

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could... High Unreviewed

CVE-2019-1688 was published May 13, 2022

Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port... High Unreviewed

CVE-2019-3906 was published May 13, 2022

Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to... High Unreviewed

CVE-2019-3908 was published May 13, 2022

IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a... High Unreviewed

CVE-2018-1959 was published May 13, 2022

A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation... High Unreviewed

CVE-2017-12239 was published May 13, 2022

An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. High Unreviewed

CVE-2016-10179 was published May 13, 2022

An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses... High Unreviewed

CVE-2019-7161 was published May 13, 2022

A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When... High Unreviewed

CVE-2018-10898 was published May 13, 2022

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough... High Unreviewed

CVE-2017-14115 was published May 13, 2022

An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller... High Unreviewed

CVE-2019-3496 was published May 13, 2022

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping... High Unreviewed

CVE-2019-3497 was published May 13, 2022

Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due... High Unreviewed

CVE-2019-3710 was published May 13, 2022

A hard-coded password vulnerability exists in the console infactory functionality of InHand... High Unreviewed

CVE-2022-27172 was published May 13, 2022

Use of static encryption key material allows forging an authentication token to other users... High Unreviewed

CVE-2022-23724 was published May 5, 2022

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed

CVE-2008-1160 was published May 1, 2022

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed

CVE-2008-0961 was published May 1, 2022

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with... High Unreviewed

CVE-2007-1063 was published May 1, 2022

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain... High Unreviewed

CVE-2006-7074 was published May 1, 2022

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back... High Unreviewed

CVE-2005-0496 was published May 1, 2022

The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known... High Unreviewed

CVE-2000-1139 was published Apr 30, 2022

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA... High Unreviewed

CVE-2022-29856 was published Apr 30, 2022

ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote... High Unreviewed

CVE-2022-26672 was published Apr 23, 2022

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance... High Unreviewed

CVE-2022-20773 was published Apr 22, 2022

Previous 1 2 … 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

429 advisories