GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,918

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

526 advisories

Filter by severity

Sort by

Least recently updated

European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak... Critical Unreviewed

CVE-2023-26089 was published May 2, 2023

The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard... Critical Unreviewed

CVE-2022-41397 was published Apr 28, 2023

Sage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user... Critical Unreviewed

CVE-2022-41400 was published Apr 28, 2023

An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials,... Critical Unreviewed

CVE-2022-39989 was published Apr 26, 2023

The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with... Critical Unreviewed

CVE-2023-1748 was published Apr 4, 2023

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded... Critical Unreviewed

CVE-2023-28654 was published Mar 28, 2023

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows... Critical Unreviewed

CVE-2022-22512 was published Mar 23, 2023

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0... Critical Unreviewed

CVE-2023-26511 was published Mar 14, 2023

The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root... Critical Unreviewed

CVE-2023-0345 was published Mar 13, 2023

Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC... Critical Unreviewed

CVE-2023-22344 was published Mar 6, 2023

ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded... Critical Unreviewed

CVE-2023-26462 was published Feb 23, 2023

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP... Critical Unreviewed

CVE-2022-46637 was published Feb 21, 2023

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could... Critical Unreviewed

CVE-2022-3089 was published Feb 13, 2023

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software... Critical Unreviewed

CVE-2022-45766 was published Feb 10, 2023

Western Digital My Cloud devices before OS5 have a nobody account with a blank password. Critical Unreviewed

CVE-2021-36224 was published Feb 6, 2023

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which... Critical Unreviewed

CVE-2023-24155 was published Feb 3, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is... Critical Unreviewed

CVE-2023-24149 was published Feb 3, 2023

A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to... Critical Unreviewed

CVE-2022-48113 was published Feb 3, 2023

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3... Critical Unreviewed

CVE-2023-24022 was published Jan 26, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34442 was published Jan 18, 2023

EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented... Critical Unreviewed

CVE-2022-39185 was published Jan 12, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34441 was published Jan 11, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34440 was published Jan 11, 2023

In the DES implementation, the affected product versions use a default key for encryption.... Critical Unreviewed

CVE-2021-40342 was published Jan 6, 2023

The affected products store both public and private key that are used to sign and protect Custom... Critical Unreviewed

CVE-2022-3927 was published Jan 6, 2023

Previous 1 2 3 4 5 6 7 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

526 advisories