GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,144 advisories
Filter by severity
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented...
Critical
Unreviewed
CVE-2022-39185
was published
Jan 12, 2023
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on...
High
Unreviewed
CVE-2022-25217
was published
Mar 11, 2022
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an...
High
Unreviewed
CVE-2022-25213
was published
Mar 11, 2022
The following Yokogawa Electric products hard-code the password for CAMS server applications:...
Critical
Unreviewed
CVE-2022-23402
was published
Mar 12, 2022
The following Yokogawa Electric products do not change the passwords of the internal Windows...
Critical
Unreviewed
CVE-2022-21194
was published
Mar 12, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded...
High
Unreviewed
CVE-2022-25246
was published
Mar 17, 2022
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted...
High
Unreviewed
CVE-2022-26660
was published
Mar 17, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate
Unreviewed
CVE-2022-21199
was published
Jan 29, 2022
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS...
Moderate
Unreviewed
CVE-2020-25193
was published
Mar 19, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a...
Moderate
Unreviewed
CVE-2020-25180
was published
Mar 19, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded...
Critical
Unreviewed
CVE-2021-45877
was published
Mar 22, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials....
Moderate
Unreviewed
CVE-2021-27430
was published
Mar 24, 2022
ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite...
Critical
Unreviewed
CVE-2022-25577
was published
Mar 26, 2022
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official...
High
Unreviewed
CVE-2021-46008
was published
Apr 1, 2022
Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded...
Critical
Unreviewed
CVE-2022-24693
was published
Mar 31, 2022
A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP...
Critical
Unreviewed
CVE-2022-1162
was published
Apr 5, 2022
On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,...
Critical
Unreviewed
CVE-2021-30064
was published
Apr 5, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of...
High
Unreviewed
CVE-2022-23440
was published
Apr 7, 2022
Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across...
Critical
Unreviewed
CVE-2022-25569
was published
Apr 5, 2022
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source...
High
Unreviewed
CVE-2022-26671
was published
Apr 8, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,...
Critical
Unreviewed
CVE-2022-23441
was published
Apr 7, 2022
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user...
Moderate
Unreviewed
CVE-2022-22560
was published
Apr 13, 2022
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
Moderate
Unreviewed
CVE-2022-27506
was published
Apr 14, 2022
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView...
Critical
Unreviewed
CVE-2021-40390
was published
Apr 15, 2022
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the...
Low
Unreviewed
CVE-2020-25168
was published
Apr 15, 2022
ProTip!
Advisories are also available from the
GraphQL API