Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

168 advisories

Loading
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... Moderate Unreviewed
CVE-2023-37858 was published Aug 9, 2023
Microweber uses hard coded credentials Moderate
CVE-2023-5318 was published for microweber/microweber (Composer) Sep 30, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed
CVE-2023-41030 was published Sep 18, 2023
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects... Moderate Unreviewed
CVE-2023-3237 was published Jun 14, 2023
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials,... Moderate Unreviewed
CVE-2021-35232 was published Dec 28, 2021
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage... Moderate Unreviewed
CVE-2021-42849 was published May 19, 2022
The ABB HMI components implement hidden administrative accounts that are used during the... Moderate Unreviewed
CVE-2019-7225 was published May 24, 2022
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to... Moderate Unreviewed
CVE-2020-35137 was published May 24, 2022
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... Moderate Unreviewed
CVE-2022-34386 was published Feb 11, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys... Moderate Unreviewed
CVE-2022-34449 was published Feb 11, 2023
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-21426 was published Feb 9, 2023
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a... Moderate Unreviewed
CVE-2019-10990 was published May 24, 2022
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471.... Moderate Unreviewed
CVE-2023-0808 was published Feb 13, 2023
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials,... Moderate Unreviewed
CVE-2021-29728 was published May 24, 2022
This vulnerability allows network-adjacent attackers execute arbitrary code on affected... Moderate Unreviewed
CVE-2020-10884 was published May 24, 2022
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could... Moderate Unreviewed
CVE-2019-4220 was published May 24, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use... Moderate Unreviewed
CVE-2021-45106 was published Feb 10, 2022
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be... Moderate Unreviewed
CVE-2022-22766 was published Feb 12, 2022
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... Moderate Unreviewed
CVE-2021-45521 was published Dec 27, 2021
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless... Moderate Unreviewed
CVE-2017-12725 was published May 14, 2022
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key... Moderate Unreviewed
CVE-2018-9073 was published May 14, 2022
Amcrest networked devices use the same hardcoded SSL private key across different customers'... Moderate Unreviewed
CVE-2018-16546 was published May 13, 2022
FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses... Moderate Unreviewed
CVE-2017-2720 was published May 13, 2022
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow... Moderate Unreviewed
CVE-2022-38069 was published Sep 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database