GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
430 advisories
Filter by severity
A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa...
High
Unreviewed
CVE-2017-9132
was published
May 17, 2022
This vulnerability affects all of the company's products that also include the FW versions:...
High
Unreviewed
CVE-2022-30627
was published
Jul 19, 2022
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users...
High
Unreviewed
CVE-2017-5167
was published
May 17, 2022
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An...
High
Unreviewed
CVE-2022-34425
was published
Oct 11, 2022
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the...
High
Unreviewed
CVE-2020-36547
was published
Jun 18, 2022
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller...
High
Unreviewed
CVE-2022-30997
was published
Jun 29, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
High
Unreviewed
CVE-2017-9488
was published
May 17, 2022
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum...
High
Unreviewed
CVE-2022-26476
was published
Jun 15, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
High
Unreviewed
CVE-2021-1574
was published
May 24, 2022
MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion.
High
Unreviewed
CVE-2022-36171
was published
Aug 20, 2022
Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded...
High
Unreviewed
CVE-2022-31460
was published
Jun 3, 2022
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an...
High
Unreviewed
CVE-2017-2283
was published
May 17, 2022
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password ...
High
Unreviewed
CVE-2022-31462
was published
Jun 3, 2022
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an...
High
Unreviewed
CVE-2017-2280
was published
May 17, 2022
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted...
High
Unreviewed
CVE-2017-5230
was published
May 17, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for...
High
Unreviewed
CVE-2021-27438
was published
May 24, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES...
High
Unreviewed
CVE-2022-25806
was published
Jun 10, 2022
The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows...
High
Unreviewed
CVE-2020-7352
was published
May 24, 2022
An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4...
High
Unreviewed
CVE-2021-33014
was published
May 27, 2022
An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam...
High
Unreviewed
CVE-2018-4017
was published
May 24, 2022
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle ...
High
Unreviewed
CVE-2021-4228
was published
Oct 24, 2022
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote...
High
Unreviewed
CVE-2022-26672
was published
Apr 23, 2022
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance...
High
Unreviewed
CVE-2022-20773
was published
Apr 22, 2022
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source...
High
Unreviewed
CVE-2022-26671
was published
Apr 8, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of...
High
Unreviewed
CVE-2022-23440
was published
Apr 7, 2022
ProTip!
Advisories are also available from the
GraphQL API