GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
161 advisories
Filter by severity
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may...
Moderate
Unreviewed
CVE-2023-39982
was published
Sep 2, 2023
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models...
Moderate
Unreviewed
CVE-2022-3744
was published
Aug 23, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded...
Moderate
Unreviewed
CVE-2023-3262
was published
Aug 14, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow...
Moderate
Unreviewed
CVE-2022-44612
was published
Aug 11, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763
was published
Jul 18, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate
Unreviewed
CVE-2023-28387
was published
Jun 30, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
Moderate
Unreviewed
CVE-2023-33920
was published
Jun 13, 2023
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may...
Moderate
Unreviewed
CVE-2023-27921
was published
May 23, 2023
The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default...
Moderate
Unreviewed
CVE-2020-8573
was published
May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account...
Moderate
Unreviewed
CVE-2020-15318
was published
May 24, 2022
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow...
Moderate
Unreviewed
CVE-2018-9195
was published
May 24, 2022
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager...
Moderate
Unreviewed
CVE-2019-12376
was published
May 24, 2022
VVX products using UCS software version 5.8.0 and earlier with Better Together over Ethernet...
Moderate
Unreviewed
CVE-2019-10688
was published
May 24, 2022
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local...
Moderate
Unreviewed
CVE-2024-3130
was published
Apr 1, 2024
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate
Unreviewed
CVE-2020-11876
was published
May 24, 2022
** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt...
Moderate
Unreviewed
CVE-2021-43575
was published
May 24, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29964
was published
Jul 27, 2022
auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, ...
Moderate
Unreviewed
CVE-2010-2073
was published
May 17, 2022
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP...
Moderate
Unreviewed
CVE-2005-3803
was published
May 1, 2022
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2...
Moderate
Unreviewed
CVE-2005-3716
was published
May 1, 2022
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022...
Moderate
Unreviewed
CVE-2022-30314
was published
Jul 29, 2022
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,...
Moderate
Unreviewed
CVE-2008-2369
was published
May 1, 2022
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users...
Moderate
Unreviewed
CVE-2010-2772
was published
May 17, 2022
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in...
Moderate
Unreviewed
CVE-2006-7142
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API