GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
544 advisories
Filter by severity
HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows...
Critical
Unreviewed
CVE-2021-26611
was published
Nov 27, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was...
Critical
Unreviewed
CVE-2021-43044
was published
Dec 7, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to...
Critical
Unreviewed
CVE-2021-20155
was published
Dec 31, 2021
ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does...
Critical
Unreviewed
CVE-2021-36751
was published
Jan 3, 2022
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736...
Critical
Unreviewed
CVE-2022-22845
was published
Jan 11, 2022
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web...
Critical
Unreviewed
CVE-2022-22056
was published
Jan 15, 2022
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any...
Critical
Unreviewed
CVE-2021-23233
was published
Jan 22, 2022
MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key...
Critical
Unreviewed
CVE-2022-22928
was published
Jan 22, 2022
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source...
Critical
Unreviewed
CVE-2020-36064
was published
Feb 1, 2022
The affected product has a hardcoded private key available inside the project folder, which may...
Critical
Unreviewed
CVE-2022-22987
was published
Feb 10, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the...
Critical
Unreviewed
CVE-2022-22813
was published
Feb 11, 2022
Incorrect handling of credential expiry by /nats-io/nats-server
Critical
CVE-2020-26892
was published
for
github.com/nats-io/jwt
(Go)
Feb 11, 2022
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the...
Critical
Unreviewed
CVE-2020-36062
was published
Feb 12, 2022
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric...
Critical
Unreviewed
CVE-2021-27797
was published
Feb 22, 2022
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform...
Critical
Unreviewed
CVE-2022-25329
was published
Feb 25, 2022
Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials...
Critical
Unreviewed
CVE-2022-25045
was published
Mar 3, 2022
The following Yokogawa Electric products hard-code the password for CAMS server applications:...
Critical
Unreviewed
CVE-2022-23402
was published
Mar 12, 2022
The following Yokogawa Electric products do not change the passwords of the internal Windows...
Critical
Unreviewed
CVE-2022-21194
was published
Mar 12, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded...
Critical
Unreviewed
CVE-2021-45877
was published
Mar 22, 2022
ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite...
Critical
Unreviewed
CVE-2022-25577
was published
Mar 26, 2022
UNNO v03.11.00 was discovered to contain access control issue.
Critical
Unreviewed
CVE-2022-25521
was published
Mar 30, 2022
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded...
Critical
Unreviewed
CVE-2022-24693
was published
Mar 31, 2022
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP...
Critical
Unreviewed
CVE-2022-1162
was published
Apr 5, 2022
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across...
Critical
Unreviewed
CVE-2022-25569
was published
Apr 5, 2022
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,...
Critical
Unreviewed
CVE-2021-30064
was published
Apr 5, 2022
ProTip!
Advisories are also available from the
GraphQL API