Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

417 advisories

Loading
Uber Technologies, Inc. UberEATS: Uber for Food Delivery, 1.108.10001, 2017-11-02, iOS... High Unreviewed
CVE-2017-13104 was published May 13, 2022
DistinctDev, Inc., The Moron Test, 6.3.1, 2017-05-04, iOS application uses a hard-coded key for... High Unreviewed
CVE-2017-13100 was published May 13, 2022
Gameloft Asphalt Xtreme: Offroad Rally Racing, 1.6.0, 2017-08-13, iOS application uses a hard... High Unreviewed
CVE-2017-13102 was published May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9... High Unreviewed
CVE-2017-6054 was published May 13, 2022
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally... High Unreviewed
CVE-2017-7537 was published May 13, 2022
A Use of Password Hash Instead of Password for Authentication issue was discovered in Dahua DH... High Unreviewed
CVE-2017-7927 was published May 13, 2022
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an... High Unreviewed
CVE-2018-0141 was published May 13, 2022
In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018,... High Unreviewed
CVE-2018-14801 was published May 13, 2022
The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contain a Hard-coded... High Unreviewed
CVE-2018-15781 was published May 13, 2022
EasyLobby Solo contains default administrative credentials. An attacker could exploit this... High Unreviewed
CVE-2018-17492 was published May 13, 2022
Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The... High Unreviewed
CVE-2018-17896 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains... High Unreviewed
CVE-2018-1887 was published May 13, 2022
A reliance on a static, hard-coded credential in the design of the cloud-based storage system of... High Unreviewed
CVE-2018-5560 was published May 13, 2022
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4... High Unreviewed
CVE-2018-8857 was published May 13, 2022
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952... High Unreviewed
CVE-2018-8870 was published May 13, 2022
A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an... High Unreviewed
CVE-2019-1675 was published May 13, 2022
A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could... High Unreviewed
CVE-2019-1688 was published May 13, 2022
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port... High Unreviewed
CVE-2019-3906 was published May 13, 2022
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to... High Unreviewed
CVE-2019-3908 was published May 13, 2022
IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a... High Unreviewed
CVE-2018-1959 was published May 13, 2022
A vulnerability in motherboard console ports of line cards for Cisco ASR 1000 Series Aggregation... High Unreviewed
CVE-2017-12239 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. There is a hardcoded WPS PIN of 28296607. High Unreviewed
CVE-2016-10179 was published May 13, 2022
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses... High Unreviewed
CVE-2019-7161 was published May 13, 2022
A vulnerability was found in openstack-tripleo-heat-templates before version 8.0.2-40. When... High Unreviewed
CVE-2018-10898 was published May 13, 2022
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough... High Unreviewed
CVE-2017-14115 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database