Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
COMMAX CVD-Axx DVR 5.1.4 contains weak default administrative credentials that allow remote... Critical Unreviewed
CVE-2021-47707 was published Dec 9, 2025
The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are... Critical Unreviewed
CVE-2025-54303 was published Dec 4, 2025
Legacy Vivotek Device firmware uses default credetials for the root and user login accounts. Critical Unreviewed
CVE-2025-12592 was published Nov 19, 2025
SNMP Default Community String (public).This issue affects BLU-IC2: through 1.19.5; BLU-IC4:... Moderate Unreviewed
CVE-2025-12217 was published Oct 25, 2025
Weak Default Credentials.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed
CVE-2025-12218 was published Oct 25, 2025
NetBird VPN does not remove the default password of an admin account Critical
CVE-2025-10678 was published for github.com/netbirdio/netbird (Go) Oct 20, 2025
A vulnerability has been found in 70mai X200 up to 20251010. Affected by this vulnerability is an... Moderate Unreviewed
CVE-2025-11943 was published Oct 19, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a use of default credentials... Critical Unreviewed
CVE-2025-34516 was published Oct 16, 2025
iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within... Critical Unreviewed
CVE-2025-10542 was published Sep 25, 2025
Airship AI Acropolis includes a default administrative account that uses the same credentials on... Critical Unreviewed
CVE-2025-35042 was published Sep 22, 2025
Control-M/Agents use a kdb or PKCS#12 keystore by default, and the default keystore password is... Moderate Unreviewed
CVE-2025-55110 was published Sep 16, 2025
CWE-1392: Use of Default Credentials Critical Unreviewed
CVE-2025-55051 was published Sep 9, 2025
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an... Low Unreviewed
CVE-2025-9577 was published Aug 28, 2025
A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown... Low Unreviewed
CVE-2025-9576 was published Aug 28, 2025
Agiloft Release 28 contains several accounts with default credentials that could allow local... High Unreviewed
CVE-2025-35114 was published Aug 27, 2025
Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware... Moderate Unreviewed
CVE-2025-29521 was published Aug 26, 2025
DASAN GPON ONU H660WM OS version H660WMR210825 Hardware version DS-E5-583-A1 was discovered to... Moderate Unreviewed
CVE-2025-29525 was published Aug 26, 2025
Default Credentials in nginx-defender Configuration Files Moderate
CVE-2025-55740 was published for github.com/Anipaleja/nginx-defender (Go) Aug 19, 2025
Anipaleja
Credited to Anipaleja
A credential management flaw in Palo Alto Networks Cortex XDR® Broker VM causes different Broker... Moderate Unreviewed
CVE-2025-2184 was published Aug 13, 2025
A vulnerability was found in TRENDnet TI-G160i, TI-PG102i and TPL-430AP up to 20250724. It has... High Unreviewed
CVE-2025-8731 was published Aug 8, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-8530 was published Aug 5, 2025
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a SQL injection... Moderate Unreviewed
CVE-2025-51535 was published Aug 4, 2025
NodeJS version of the HAX CMS application is distributed with Default Secrets High
CVE-2025-54137 was published for @haxtheweb/haxcms-nodejs (npm) Jul 21, 2025
lfgberg asareynolds
Credited to lfgberg and asareynolds
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has been classified as... Moderate Unreviewed
CVE-2025-7907 was published Jul 20, 2025
Multiple services of the DUT as well as different scopes of the same service reuse the same... Moderate Unreviewed
CVE-2025-1711 was published Jul 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database