Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

161 advisories

Loading
Hard-Coded Key Used For Remember-me Token in Opencast Moderate
CVE-2020-5222 was published for org.opencastproject:opencast-kernel (Maven) Jan 30, 2020
LukasKalbertodt
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is... Moderate Unreviewed
CVE-2021-43282 was published Dec 1, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... Moderate Unreviewed
CVE-2021-45521 was published Dec 27, 2021
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials,... Moderate Unreviewed
CVE-2021-35232 was published Dec 28, 2021
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed
CVE-2022-21199 was published Jan 29, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use... Moderate Unreviewed
CVE-2021-45106 was published Feb 10, 2022
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be... Moderate Unreviewed
CVE-2022-22766 was published Feb 12, 2022
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS... Moderate Unreviewed
CVE-2020-25193 was published Mar 19, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a... Moderate Unreviewed
CVE-2020-25180 was published Mar 19, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials.... Moderate Unreviewed
CVE-2021-27430 was published Mar 24, 2022
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user... Moderate Unreviewed
CVE-2022-22560 was published Apr 13, 2022
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Moderate Unreviewed
CVE-2022-27506 was published Apr 14, 2022
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2... Moderate Unreviewed
CVE-2005-3716 was published May 1, 2022
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP... Moderate Unreviewed
CVE-2005-3803 was published May 1, 2022
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in... Moderate Unreviewed
CVE-2006-7142 was published May 1, 2022
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,... Moderate Unreviewed
CVE-2008-2369 was published May 1, 2022
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO... Moderate Unreviewed
CVE-2013-1603 was published May 5, 2022
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows... Moderate Unreviewed
CVE-2012-4712 was published May 13, 2022
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... Moderate Unreviewed
CVE-2018-0329 was published May 13, 2022
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation... Moderate Unreviewed
CVE-2018-12240 was published May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass... Moderate Unreviewed
CVE-2018-1650 was published May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an... Moderate Unreviewed
CVE-2018-17919 was published May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9649 was published May 13, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all... Moderate Unreviewed
CVE-2017-6039 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database