Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

414 advisories

Loading
Hard coded cryptographic key in Kiali High
CVE-2020-1764 was published for github.com/kiali/kiali (Go) May 18, 2021
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets... High Unreviewed
CVE-2021-43284 was published Dec 1, 2021
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may... High Unreviewed
CVE-2021-26108 was published Dec 9, 2021
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS... High Unreviewed
CVE-2021-41028 was published Dec 17, 2021
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. High Unreviewed
CVE-2021-44207 was published Dec 22, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... High Unreviewed
CVE-2021-45520 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. High Unreviewed
CVE-2021-45522 was published Dec 27, 2021
IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a... High Unreviewed
CVE-2021-32993 was published Dec 28, 2021
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear... High Unreviewed
CVE-2021-45732 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal... High Unreviewed
CVE-2021-20170 was published Dec 31, 2021
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded... High Unreviewed
CVE-2021-20132 was published Dec 31, 2021
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL -... High Unreviewed
CVE-2021-43052 was published Jan 12, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45033 was published Jan 12, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware... High Unreviewed
CVE-2021-20612 was published Jan 15, 2022
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric... High Unreviewed
CVE-2021-23842 was published Jan 20, 2022
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely... High Unreviewed
CVE-2021-44464 was published Jan 22, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to... High Unreviewed
CVE-2021-42635 was published Feb 1, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that... High Unreviewed
CVE-2021-42833 was published Feb 8, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information... High Unreviewed
CVE-2022-22722 was published Feb 11, 2022
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat... High Unreviewed
CVE-2022-22765 was published Feb 15, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data... High Unreviewed
CVE-2021-46247 was published Feb 18, 2022
Use of Hard-coded Cryptographic Key in Netmaker High
CVE-2022-23650 was published for github.com/gravitl/netmaker (Go) Feb 22, 2022
JamieSlome MrSuicideParrot
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to... High Unreviewed
CVE-2022-24255 was published Mar 3, 2022
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on... High Unreviewed
CVE-2022-25217 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API