GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,580

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

537 advisories

Filter by severity

Sort by

Least recently updated

EMC ViPR SRM, EMC Storage M&R, EMC VNX M&R, EMC M&R for SAS Solution Packs (EMC ViPR SRM prior to... Critical Unreviewed

CVE-2017-8011 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions... Critical Unreviewed

CVE-2018-7229 was published May 13, 2022

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3... Critical Unreviewed

CVE-2017-7574 was published May 13, 2022

An exploitable unsafe default configuration vulnerability exists in the TURN server function of... Critical Unreviewed

CVE-2018-4059 was published May 13, 2022

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless... Critical Unreviewed

CVE-2016-8717 was published May 13, 2022

Hard-coded FTP credentials (r:r) are included in the Foscam C1 running firmware 1.9.1.12.... Critical Unreviewed

CVE-2016-8731 was published May 13, 2022

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access... Critical Unreviewed

CVE-2021-38969 was published May 12, 2022

** UNSUPPORTED WHEN ASSIGNED ** QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in... Critical Unreviewed

CVE-2013-6276 was published May 5, 2022

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of... Critical Unreviewed

CVE-2009-5154 was published May 2, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender... Critical Unreviewed

CVE-2021-34601 was published Apr 28, 2022

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView... Critical Unreviewed

CVE-2021-40390 was published Apr 15, 2022

An authentication bypass vulnerability exists in the device password generation functionality of... Critical Unreviewed

CVE-2021-40422 was published Apr 15, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,... Critical Unreviewed

CVE-2022-23441 was published Apr 7, 2022

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... Critical Unreviewed

CVE-2021-30064 was published Apr 5, 2022

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across... Critical Unreviewed

CVE-2022-25569 was published Apr 5, 2022

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP... Critical Unreviewed

CVE-2022-1162 was published Apr 5, 2022

Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded... Critical Unreviewed

CVE-2022-24693 was published Mar 31, 2022

UNNO v03.11.00 was discovered to contain access control issue. Critical Unreviewed

CVE-2022-25521 was published Mar 30, 2022

ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite... Critical Unreviewed

CVE-2022-25577 was published Mar 26, 2022

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded... Critical Unreviewed

CVE-2021-45877 was published Mar 22, 2022

The following Yokogawa Electric products do not change the passwords of the internal Windows... Critical Unreviewed

CVE-2022-21194 was published Mar 12, 2022

The following Yokogawa Electric products hard-code the password for CAMS server applications:... Critical Unreviewed

CVE-2022-23402 was published Mar 12, 2022

Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials... Critical Unreviewed

CVE-2022-25045 was published Mar 3, 2022

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform... Critical Unreviewed

CVE-2022-25329 was published Feb 25, 2022

Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric... Critical Unreviewed

CVE-2021-27797 was published Feb 22, 2022

Previous 1 2 … 18 19 20 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

537 advisories