GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
76 advisories
Filter by severity
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd...
Critical
Unreviewed
CVE-2022-22144
was published
Aug 6, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for...
Critical
Unreviewed
CVE-2021-27440
was published
May 24, 2022
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by...
Moderate
Unreviewed
CVE-2020-7590
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-27254
was published
May 24, 2022
Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local...
High
Unreviewed
CVE-2021-32521
was published
May 24, 2022
A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4...
Critical
Unreviewed
CVE-2021-22729
was published
May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
Critical
Unreviewed
CVE-2021-38456
was published
May 24, 2022
The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to...
Critical
Unreviewed
CVE-2021-32525
was published
May 24, 2022
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected...
Critical
Unreviewed
CVE-2014-125030
was published
Jan 1, 2023
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471....
Moderate
Unreviewed
CVE-2023-0808
was published
Feb 13, 2023
The software contains a hard-coded password that could allow an attacker to take control of the...
Critical
Unreviewed
CVE-2021-27452
was published
May 24, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an...
High
Unreviewed
CVE-2022-29825
was published
Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1...
High
Unreviewed
CVE-2022-29831
was published
Nov 25, 2022
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects...
Moderate
Unreviewed
CVE-2023-3237
was published
Jun 14, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated...
Moderate
Unreviewed
CVE-2023-41030
was published
Sep 18, 2023
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This...
Moderate
Unreviewed
CVE-2023-5222
was published
Sep 27, 2023
A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5....
Moderate
Unreviewed
CVE-2023-2799
was published
May 18, 2023
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is...
Critical
Unreviewed
CVE-2023-2645
was published
May 11, 2023
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3...
Low
Unreviewed
CVE-2023-28895
was published
Dec 1, 2023
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2023-50948
was published
Jan 8, 2024
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A...
Critical
Unreviewed
CVE-2021-36312
was published
Nov 24, 2021
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an...
Critical
Unreviewed
CVE-2018-25069
was published
Jan 7, 2023
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-259: Use of Hard-coded...
High
Unreviewed
CVE-2024-27774
was published
Mar 18, 2024
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High
Unreviewed
CVE-2019-13530
was published
May 24, 2022
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an...
Critical
Unreviewed
CVE-2022-41653
was published
Dec 14, 2022
ProTip!
Advisories are also available from the
GraphQL API