Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

428 advisories

Loading
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted... High Unreviewed
CVE-2022-26660 was published Mar 17, 2022
Hard coded credentials in FreeTAKServer High
CVE-2022-25510 was published for FreeTAKServer (pip) Mar 12, 2022
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an... High Unreviewed
CVE-2022-25213 was published Mar 11, 2022
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on... High Unreviewed
CVE-2022-25217 was published Mar 11, 2022
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to... High Unreviewed
CVE-2022-24255 was published Mar 3, 2022
Use of Hard-coded Cryptographic Key in Netmaker High
CVE-2022-23650 was published for github.com/gravitl/netmaker (Go) Feb 22, 2022
JamieSlome MrSuicideParrot
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data... High Unreviewed
CVE-2021-46247 was published Feb 18, 2022
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat... High Unreviewed
CVE-2022-22765 was published Feb 15, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information... High Unreviewed
CVE-2022-22722 was published Feb 11, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that... High Unreviewed
CVE-2021-42833 was published Feb 8, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to... High Unreviewed
CVE-2021-42635 was published Feb 1, 2022
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely... High Unreviewed
CVE-2021-44464 was published Jan 22, 2022
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric... High Unreviewed
CVE-2021-23842 was published Jan 20, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware... High Unreviewed
CVE-2021-20612 was published Jan 15, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45033 was published Jan 12, 2022
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL -... High Unreviewed
CVE-2021-43052 was published Jan 12, 2022
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded... High Unreviewed
CVE-2021-20132 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal... High Unreviewed
CVE-2021-20170 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear... High Unreviewed
CVE-2021-45732 was published Dec 31, 2021
IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a... High Unreviewed
CVE-2021-32993 was published Dec 28, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... High Unreviewed
CVE-2021-45520 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. High Unreviewed
CVE-2021-45522 was published Dec 27, 2021
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. High Unreviewed
CVE-2021-44207 was published Dec 22, 2021
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS... High Unreviewed
CVE-2021-41028 was published Dec 17, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database