GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
168 advisories
Filter by severity
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module ...
Moderate
Unreviewed
CVE-2014-5431
was published
May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI...
Moderate
Unreviewed
CVE-2017-14014
was published
May 13, 2022
IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerability that could allow a...
Moderate
Unreviewed
CVE-2017-1787
was published
May 13, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all...
Moderate
Unreviewed
CVE-2017-6039
was published
May 13, 2022
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when...
Moderate
Unreviewed
CVE-2022-41540
was published
Oct 18, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000...
Moderate
Unreviewed
CVE-2017-9649
was published
May 13, 2022
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a...
Moderate
Unreviewed
CVE-2017-12317
was published
May 13, 2022
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0,...
Moderate
Unreviewed
CVE-2017-12709
was published
May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an...
Moderate
Unreviewed
CVE-2018-17919
was published
May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass...
Moderate
Unreviewed
CVE-2018-1650
was published
May 13, 2022
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation...
Moderate
Unreviewed
CVE-2018-12240
was published
May 13, 2022
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is...
Moderate
Unreviewed
CVE-2021-43282
was published
Dec 1, 2021
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)...
Moderate
Unreviewed
CVE-2018-0329
was published
May 13, 2022
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows...
Moderate
Unreviewed
CVE-2012-4712
was published
May 13, 2022
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO...
Moderate
Unreviewed
CVE-2013-1603
was published
May 5, 2022
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus...
Moderate
Unreviewed
CVE-2021-34577
was published
Nov 9, 2022
A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend...
Moderate
Unreviewed
CVE-2021-32459
was published
May 24, 2022
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the...
Moderate
Unreviewed
CVE-2020-27278
was published
May 24, 2022
A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions...
Moderate
Unreviewed
CVE-2019-6859
was published
May 24, 2022
Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an...
Moderate
Unreviewed
CVE-2021-34571
was published
May 24, 2022
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt...
Moderate
Unreviewed
CVE-2021-36234
was published
May 24, 2022
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7...
Moderate
Unreviewed
CVE-2021-27503
was published
May 24, 2022
IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2021-20537
was published
May 24, 2022
ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in...
Moderate
Unreviewed
CVE-2021-27481
was published
May 24, 2022
An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel...
Moderate
Unreviewed
CVE-2020-25752
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API