GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
428 advisories
Filter by severity
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on...
High
Unreviewed
CVE-2023-21652
was published
Aug 8, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow...
High
Unreviewed
CVE-2023-38433
was published
Jul 26, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High
Unreviewed
CVE-2022-47209
was published
Jul 6, 2023
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High
Unreviewed
CVE-2023-36623
was published
Jul 5, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded...
High
Unreviewed
CVE-2023-34473
was published
Jul 5, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code...
High
Unreviewed
CVE-2023-32274
was published
Jun 20, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN...
High
Unreviewed
CVE-2023-25187
was published
Jun 16, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High
Unreviewed
CVE-2023-2637
was published
Jun 13, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker...
High
Unreviewed
CVE-2022-47617
was published
Jun 2, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2061
was published
Jun 2, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider...
High
Unreviewed
CVE-2023-28937
was published
Jun 1, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials
High
Unreviewed
CVE-2023-31184
was published
May 30, 2023
This vulnerability enables ssh access to minikube container using a default password.
High
Unreviewed
CVE-2023-1944
was published
May 24, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10...
High
Unreviewed
CVE-2023-27512
was published
May 23, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC...
High
Unreviewed
CVE-2023-26203
was published
May 4, 2023
The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte...
High
Unreviewed
CVE-2022-41399
was published
Apr 28, 2023
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded...
High
Unreviewed
CVE-2022-41398
was published
Apr 28, 2023
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote...
High
Unreviewed
CVE-2022-45291
was published
Apr 25, 2023
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---...
High
Unreviewed
CVE-2022-37255
was published
Apr 16, 2023
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials...
High
Unreviewed
CVE-2023-22429
was published
Apr 11, 2023
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel...
High
Unreviewed
CVE-2021-21979
was published
May 24, 2022
A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829...
High
Unreviewed
CVE-2020-3234
was published
May 24, 2022
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code...
High
Unreviewed
CVE-2019-3983
was published
May 24, 2022
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local...
High
Unreviewed
CVE-2019-16207
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API