GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
430 advisories
Filter by severity
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code...
High
Unreviewed
CVE-2019-3983
was published
May 24, 2022
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local...
High
Unreviewed
CVE-2019-16207
was published
May 24, 2022
The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a...
High
Unreviewed
CVE-2018-18929
was published
May 24, 2022
CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default...
High
Unreviewed
CVE-2019-13657
was published
May 24, 2022
ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML...
High
Unreviewed
CVE-2019-16313
was published
May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High
Unreviewed
CVE-2019-13530
was published
May 24, 2022
The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the...
High
Unreviewed
CVE-2019-15867
was published
May 24, 2022
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the...
High
Unreviewed
CVE-2019-15745
was published
May 24, 2022
The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for...
High
Unreviewed
CVE-2016-10928
was published
May 24, 2022
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR...
High
Unreviewed
CVE-2019-9229
was published
May 24, 2022
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could...
High
Unreviewed
CVE-2019-1919
was published
May 24, 2022
Optergy Proton/Enterprise devices have Hard-coded Credentials.
High
Unreviewed
CVE-2019-7279
was published
May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High
Unreviewed
CVE-2019-11947
was published
May 24, 2022
A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless...
High
Unreviewed
CVE-2018-4062
was published
May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01...
High
Unreviewed
CVE-2018-18979
was published
May 24, 2022
An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01...
High
Unreviewed
CVE-2018-18978
was published
May 24, 2022
The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by...
High
Unreviewed
CVE-2017-18374
was published
May 24, 2022
The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three...
High
Unreviewed
CVE-2017-18373
was published
May 24, 2022
A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web...
High
Unreviewed
CVE-2023-5456
was published
Mar 5, 2024
EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to...
High
Unreviewed
CVE-2008-0961
was published
May 1, 2022
A remote code execution vulnerability exists in Microsoft Exchange software when the software...
High
Unreviewed
CVE-2020-0688
was published
May 24, 2022
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not...
High
Unreviewed
CVE-2008-1160
was published
May 1, 2022
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back...
High
Unreviewed
CVE-2005-0496
was published
May 1, 2022
Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password ...
High
Unreviewed
CVE-2010-1573
was published
May 14, 2022
Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App...
High
Unreviewed
CVE-2023-6255
was published
Feb 15, 2024
ProTip!
Advisories are also available from the
GraphQL API