GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,154 advisories
Filter by severity
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance...
High
Unreviewed
CVE-2022-20773
was published
Apr 22, 2022
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the...
Low
Unreviewed
CVE-2020-25168
was published
Apr 15, 2022
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView...
Critical
Unreviewed
CVE-2021-40390
was published
Apr 15, 2022
An authentication bypass vulnerability exists in the device password generation functionality of...
Critical
Unreviewed
CVE-2021-40422
was published
Apr 15, 2022
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
Moderate
Unreviewed
CVE-2022-27506
was published
Apr 14, 2022
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user...
Moderate
Unreviewed
CVE-2022-22560
was published
Apr 13, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,...
Critical
Unreviewed
CVE-2022-23441
was published
Apr 7, 2022
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source...
High
Unreviewed
CVE-2022-26671
was published
Apr 8, 2022
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across...
Critical
Unreviewed
CVE-2022-25569
was published
Apr 5, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of...
High
Unreviewed
CVE-2022-23440
was published
Apr 7, 2022
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,...
Critical
Unreviewed
CVE-2021-30064
was published
Apr 5, 2022
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP...
Critical
Unreviewed
CVE-2022-1162
was published
Apr 5, 2022
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded...
Critical
Unreviewed
CVE-2022-24693
was published
Mar 31, 2022
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official...
High
Unreviewed
CVE-2021-46008
was published
Apr 1, 2022
ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite...
Critical
Unreviewed
CVE-2022-25577
was published
Mar 26, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials....
Moderate
Unreviewed
CVE-2021-27430
was published
Mar 24, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded...
Critical
Unreviewed
CVE-2021-45877
was published
Mar 22, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a...
Moderate
Unreviewed
CVE-2020-25180
was published
Mar 19, 2022
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS...
Moderate
Unreviewed
CVE-2020-25193
was published
Mar 19, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate
Unreviewed
CVE-2022-21199
was published
Jan 29, 2022
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted...
High
Unreviewed
CVE-2022-26660
was published
Mar 17, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded...
High
Unreviewed
CVE-2022-25246
was published
Mar 17, 2022
The following Yokogawa Electric products do not change the passwords of the internal Windows...
Critical
Unreviewed
CVE-2022-21194
was published
Mar 12, 2022
Hard coded credentials in FreeTAKServer
High
CVE-2022-25510
was published
for
FreeTAKServer
(pip)
Mar 12, 2022
The following Yokogawa Electric products hard-code the password for CAMS server applications:...
Critical
Unreviewed
CVE-2022-23402
was published
Mar 12, 2022
ProTip!
Advisories are also available from the
GraphQL API