Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,159 advisories

Loading
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that... High Unreviewed
CVE-2021-42833 was published Feb 8, 2022
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source... Critical Unreviewed
CVE-2020-36064 was published Feb 1, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to... High Unreviewed
CVE-2021-42635 was published Feb 1, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed
CVE-2022-21199 was published Jan 29, 2022
MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key... Critical Unreviewed
CVE-2022-22928 was published Jan 22, 2022
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any... Critical Unreviewed
CVE-2021-23233 was published Jan 22, 2022
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely... High Unreviewed
CVE-2021-44464 was published Jan 22, 2022
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric... High Unreviewed
CVE-2021-23842 was published Jan 20, 2022
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service... Low Unreviewed
CVE-2022-0131 was published Jan 18, 2022
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web... Critical Unreviewed
CVE-2022-22056 was published Jan 15, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware... High Unreviewed
CVE-2021-20612 was published Jan 15, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <... High Unreviewed
CVE-2021-45033 was published Jan 12, 2022
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL -... High Unreviewed
CVE-2021-43052 was published Jan 12, 2022
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736... Critical Unreviewed
CVE-2022-22845 was published Jan 11, 2022
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does... Critical Unreviewed
CVE-2021-36751 was published Jan 3, 2022
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded... High Unreviewed
CVE-2021-20132 was published Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to... Critical Unreviewed
CVE-2021-20155 was published Dec 31, 2021
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal... High Unreviewed
CVE-2021-20170 was published Dec 31, 2021
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear... High Unreviewed
CVE-2021-45732 was published Dec 31, 2021
IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a... High Unreviewed
CVE-2021-32993 was published Dec 28, 2021
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials,... Moderate Unreviewed
CVE-2021-35232 was published Dec 28, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... High Unreviewed
CVE-2021-45520 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password. High Unreviewed
CVE-2021-45522 was published Dec 27, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10... Moderate Unreviewed
CVE-2021-45521 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database