GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
161 advisories
Filter by severity
The ABB HMI components implement hidden administrative accounts that are used during the...
Moderate
Unreviewed
CVE-2019-7225
was published
May 24, 2022
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to...
Moderate
Unreviewed
CVE-2020-35137
was published
May 24, 2022
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ...
Moderate
Unreviewed
CVE-2022-34386
was published
Feb 11, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys...
Moderate
Unreviewed
CVE-2022-34449
was published
Feb 11, 2023
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-21426
was published
Feb 9, 2023
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a...
Moderate
Unreviewed
CVE-2019-10990
was published
May 24, 2022
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471....
Moderate
Unreviewed
CVE-2023-0808
was published
Feb 13, 2023
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials,...
Moderate
Unreviewed
CVE-2021-29728
was published
May 24, 2022
This vulnerability allows network-adjacent attackers execute arbitrary code on affected...
Moderate
Unreviewed
CVE-2020-10884
was published
May 24, 2022
IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could...
Moderate
Unreviewed
CVE-2019-4220
was published
May 24, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use...
Moderate
Unreviewed
CVE-2021-45106
was published
Feb 10, 2022
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be...
Moderate
Unreviewed
CVE-2022-22766
was published
Feb 12, 2022
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10...
Moderate
Unreviewed
CVE-2021-45521
was published
Dec 27, 2021
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless...
Moderate
Unreviewed
CVE-2017-12725
was published
May 14, 2022
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key...
Moderate
Unreviewed
CVE-2018-9073
was published
May 14, 2022
Amcrest networked devices use the same hardcoded SSL private key across different customers'...
Moderate
Unreviewed
CVE-2018-16546
was published
May 13, 2022
FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses...
Moderate
Unreviewed
CVE-2017-2720
was published
May 13, 2022
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow...
Moderate
Unreviewed
CVE-2022-38069
was published
Sep 14, 2022
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module ...
Moderate
Unreviewed
CVE-2014-5431
was published
May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI...
Moderate
Unreviewed
CVE-2017-14014
was published
May 13, 2022
IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerability that could allow a...
Moderate
Unreviewed
CVE-2017-1787
was published
May 13, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all...
Moderate
Unreviewed
CVE-2017-6039
was published
May 13, 2022
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when...
Moderate
Unreviewed
CVE-2022-41540
was published
Oct 18, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000...
Moderate
Unreviewed
CVE-2017-9649
was published
May 13, 2022
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a...
Moderate
Unreviewed
CVE-2017-12317
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API