GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,169 advisories
Filter by severity
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source...
High
Unreviewed
CVE-2022-26671
was published
Apr 8, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,...
Critical
Unreviewed
CVE-2022-23441
was published
Apr 7, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of...
High
Unreviewed
CVE-2022-23440
was published
Apr 7, 2022
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,...
Critical
Unreviewed
CVE-2021-30064
was published
Apr 5, 2022
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across...
Critical
Unreviewed
CVE-2022-25569
was published
Apr 5, 2022
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP...
Critical
Unreviewed
CVE-2022-1162
was published
Apr 5, 2022
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official...
High
Unreviewed
CVE-2021-46008
was published
Apr 1, 2022
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded...
Critical
Unreviewed
CVE-2022-24693
was published
Mar 31, 2022
UNNO v03.11.00 was discovered to contain access control issue.
Critical
Unreviewed
CVE-2022-25521
was published
Mar 30, 2022
ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite...
Critical
Unreviewed
CVE-2022-25577
was published
Mar 26, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials....
Moderate
Unreviewed
CVE-2021-27430
was published
Mar 24, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded...
Critical
Unreviewed
CVE-2021-45877
was published
Mar 22, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a...
Moderate
Unreviewed
CVE-2020-25180
was published
Mar 19, 2022
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS...
Moderate
Unreviewed
CVE-2020-25193
was published
Mar 19, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded...
High
Unreviewed
CVE-2022-25246
was published
Mar 17, 2022
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted...
High
Unreviewed
CVE-2022-26660
was published
Mar 17, 2022
Hard coded credentials in FreeTAKServer
High
CVE-2022-25510
was published
for
FreeTAKServer
(pip)
Mar 12, 2022
The following Yokogawa Electric products do not change the passwords of the internal Windows...
Critical
Unreviewed
CVE-2022-21194
was published
Mar 12, 2022
The following Yokogawa Electric products hard-code the password for CAMS server applications:...
Critical
Unreviewed
CVE-2022-23402
was published
Mar 12, 2022
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an...
High
Unreviewed
CVE-2022-25213
was published
Mar 11, 2022
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on...
High
Unreviewed
CVE-2022-25217
was published
Mar 11, 2022
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to...
High
Unreviewed
CVE-2022-24255
was published
Mar 3, 2022
Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials...
Critical
Unreviewed
CVE-2022-25045
was published
Mar 3, 2022
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform...
Critical
Unreviewed
CVE-2022-25329
was published
Feb 25, 2022
Use of Hard-coded Cryptographic Key in Netmaker
High
CVE-2022-23650
was published
for
github.com/gravitl/netmaker
(Go)
Feb 22, 2022
ProTip!
Advisories are also available from the
GraphQL API