Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,167 advisories

Loading
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO... Moderate Unreviewed
CVE-2013-1603 was published May 5, 2022
Use of static encryption key material allows forging an authentication token to other users... High Unreviewed
CVE-2022-23724 was published May 5, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of... Critical Unreviewed
CVE-2009-5154 was published May 2, 2022
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,... Moderate Unreviewed
CVE-2008-2369 was published May 1, 2022
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed
CVE-2008-1160 was published May 1, 2022
EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed
CVE-2008-0961 was published May 1, 2022
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with... High Unreviewed
CVE-2007-1063 was published May 1, 2022
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in... Moderate Unreviewed
CVE-2006-7142 was published May 1, 2022
admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain... High Unreviewed
CVE-2006-7074 was published May 1, 2022
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP... Moderate Unreviewed
CVE-2005-3803 was published May 1, 2022
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2... Moderate Unreviewed
CVE-2005-3716 was published May 1, 2022
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back... High Unreviewed
CVE-2005-0496 was published May 1, 2022
The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known... High Unreviewed
CVE-2000-1139 was published Apr 30, 2022
A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA... High Unreviewed
CVE-2022-29856 was published Apr 30, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender... Critical Unreviewed
CVE-2021-34601 was published Apr 28, 2022
Apache Doris hardcoded key and IV High
CVE-2022-23942 was published for pydoris (pip) Apr 27, 2022
ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote... High Unreviewed
CVE-2022-26672 was published Apr 23, 2022
A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance... High Unreviewed
CVE-2022-20773 was published Apr 22, 2022
An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView... Critical Unreviewed
CVE-2021-40390 was published Apr 15, 2022
An authentication bypass vulnerability exists in the device password generation functionality of... Critical Unreviewed
CVE-2021-40422 was published Apr 15, 2022
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the... Low Unreviewed
CVE-2020-25168 was published Apr 15, 2022
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Moderate Unreviewed
CVE-2022-27506 was published Apr 14, 2022
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user... Moderate Unreviewed
CVE-2022-22560 was published Apr 13, 2022
Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source... High Unreviewed
CVE-2022-26671 was published Apr 8, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,... Critical Unreviewed
CVE-2022-23441 was published Apr 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database