GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,093 advisories

Filter by severity

Sort by

Least recently updated

EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented... Critical Unreviewed

CVE-2022-39185 was published Jan 12, 2023

Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on... High Unreviewed

CVE-2022-25217 was published Mar 11, 2022

Improper physical access control and use of hard-coded credentials in /etc/passwd permits an... High Unreviewed

CVE-2022-25213 was published Mar 11, 2022

The following Yokogawa Electric products hard-code the password for CAMS server applications:... Critical Unreviewed

CVE-2022-23402 was published Mar 12, 2022

The following Yokogawa Electric products do not change the passwords of the internal Windows... Critical Unreviewed

CVE-2022-21194 was published Mar 12, 2022

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded... High Unreviewed

CVE-2022-25246 was published Mar 17, 2022

RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted... High Unreviewed

CVE-2022-26660 was published Mar 17, 2022

An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed

CVE-2022-21199 was published Jan 29, 2022

By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS... Moderate Unreviewed

CVE-2020-25193 was published Mar 19, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a... Moderate Unreviewed

CVE-2020-25180 was published Mar 19, 2022

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded... Critical Unreviewed

CVE-2021-45877 was published Mar 22, 2022

GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials.... Moderate Unreviewed

CVE-2021-27430 was published Mar 24, 2022

ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite... Critical Unreviewed

CVE-2022-25577 was published Mar 26, 2022

Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded... Critical Unreviewed

CVE-2022-24693 was published Mar 31, 2022

In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official... High Unreviewed

CVE-2021-46008 was published Apr 1, 2022

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP... Critical Unreviewed

CVE-2022-1162 was published Apr 5, 2022

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... Critical Unreviewed

CVE-2021-30064 was published Apr 5, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of... High Unreviewed

CVE-2022-23440 was published Apr 7, 2022

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across... Critical Unreviewed

CVE-2022-25569 was published Apr 5, 2022

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source... High Unreviewed

CVE-2022-26671 was published Apr 8, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,... Critical Unreviewed

CVE-2022-23441 was published Apr 7, 2022

Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user... Moderate Unreviewed

CVE-2022-22560 was published Apr 13, 2022

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Moderate Unreviewed

CVE-2022-27506 was published Apr 14, 2022

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView... Critical Unreviewed

CVE-2021-40390 was published Apr 15, 2022

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the... Low Unreviewed

CVE-2020-25168 was published Apr 15, 2022

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,093 advisories