Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,206 advisories

Loading
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an... Moderate Unreviewed
CVE-2018-17919 was published May 13, 2022
LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an... Critical Unreviewed
CVE-2018-18998 was published May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass... Moderate Unreviewed
CVE-2018-1650 was published May 13, 2022
IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a... Critical Unreviewed
CVE-2018-1742 was published May 13, 2022
IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2018-1818 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains... High Unreviewed
CVE-2018-1887 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance contains... Critical Unreviewed
CVE-2018-1944 was published May 13, 2022
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems /... Critical Unreviewed
CVE-2018-4846 was published May 13, 2022
The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55,... Critical Unreviewed
CVE-2018-5399 was published May 13, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Critical Unreviewed
CVE-2018-5551 was published May 13, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Low Unreviewed
CVE-2018-5552 was published May 13, 2022
A reliance on a static, hard-coded credential in the design of the cloud-based storage system of... High Unreviewed
CVE-2018-5560 was published May 13, 2022
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4... High Unreviewed
CVE-2018-8857 was published May 13, 2022
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952... High Unreviewed
CVE-2018-8870 was published May 13, 2022
Juniper ATP ships with hard coded credentials in the Web Collector instance which gives an... Critical Unreviewed
CVE-2019-0020 was published May 13, 2022
Juniper ATP ships with hard coded credentials in the Cyphort Core instance which gives an... Critical Unreviewed
CVE-2019-0022 was published May 13, 2022
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an... High Unreviewed
CVE-2019-1675 was published May 13, 2022
A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could... High Unreviewed
CVE-2019-1688 was published May 13, 2022
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port... High Unreviewed
CVE-2019-3906 was published May 13, 2022
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to... High Unreviewed
CVE-2019-3908 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard... Critical Unreviewed
CVE-2019-3918 was published May 13, 2022
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log... Critical Unreviewed
CVE-2018-0150 was published May 13, 2022
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation... Moderate Unreviewed
CVE-2018-12240 was published May 13, 2022
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028... Critical Unreviewed
CVE-2019-8950 was published May 13, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a... High Unreviewed
CVE-2018-1959 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database