GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
71 advisories
Filter by severity
A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5....
Moderate
Unreviewed
CVE-2023-2799
was published
May 18, 2023
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is...
Critical
Unreviewed
CVE-2023-2645
was published
May 11, 2023
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1...
Moderate
Unreviewed
CVE-2023-29103
was published
May 9, 2023
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471....
Moderate
Unreviewed
CVE-2023-0808
was published
Feb 13, 2023
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an...
Critical
Unreviewed
CVE-2018-25069
was published
Jan 7, 2023
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected...
Critical
Unreviewed
CVE-2014-125030
was published
Jan 1, 2023
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an...
Critical
Unreviewed
CVE-2022-41653
was published
Dec 14, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1...
High
Unreviewed
CVE-2022-29831
was published
Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an...
High
Unreviewed
CVE-2022-29825
was published
Nov 25, 2022
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd...
Critical
Unreviewed
CVE-2022-22144
was published
Aug 6, 2022
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and...
Critical
Unreviewed
CVE-2022-30271
was published
Jul 27, 2022
The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to...
Critical
Unreviewed
CVE-2021-32525
was published
May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
Critical
Unreviewed
CVE-2021-38456
was published
May 24, 2022
A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4...
Critical
Unreviewed
CVE-2021-22729
was published
May 24, 2022
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local...
High
Unreviewed
CVE-2021-32521
was published
May 24, 2022
The software contains a hard-coded password that could allow an attacker to take control of the...
Critical
Unreviewed
CVE-2021-27452
was published
May 24, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for...
Critical
Unreviewed
CVE-2021-27440
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-27254
was published
May 24, 2022
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by...
Moderate
Unreviewed
CVE-2020-7590
was published
May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High
Unreviewed
CVE-2019-13530
was published
May 24, 2022
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A...
Critical
Unreviewed
CVE-2021-36312
was published
Nov 24, 2021
ProTip!
Advisories are also available from the
GraphQL API