Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

430 advisories

Loading
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... High Unreviewed
CVE-2023-37857 was published Aug 9, 2023
The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TIBCO Hawk, TIBCO Hawk... High Unreviewed
CVE-2023-26219 was published Oct 25, 2023
Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key High
CVE-2023-31579 was published for top.tangyh.basic:lamp-core (Maven) Nov 3, 2023
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to... High Unreviewed
CVE-2023-46102 was published Oct 25, 2023
The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify... High Unreviewed
CVE-2023-41372 was published Oct 25, 2023
Hard coded cryptographic key in Kiali High
CVE-2020-1764 was published for github.com/kiali/kiali (Go) May 18, 2021
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial... High Unreviewed
CVE-2019-13473 was published May 24, 2022
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial... High Unreviewed
CVE-2019-13474 was published May 24, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware... High Unreviewed
CVE-2021-20612 was published Jan 15, 2022
Open5GS 2.1.3 listens on 0.0.0.0:3000 and has a default password of 1423 for the admin account. High Unreviewed
CVE-2021-25863 was published May 24, 2022
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server.... High Unreviewed
CVE-2021-35252 was published Dec 20, 2022
Use of static encryption key material allows forging an authentication token to other users... High Unreviewed
CVE-2022-23724 was published May 5, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29828 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29829 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29827 was published Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1... High Unreviewed
CVE-2022-29831 was published Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an... High Unreviewed
CVE-2022-29825 was published Nov 25, 2022
The Temi application 1.3.3 through 1.3.7931 for Android has hard-coded credentials. High Unreviewed
CVE-2020-16170 was published May 24, 2022
Use of Hard-coded Credentials in Nacos High
CVE-2021-43116 was published for com.alibaba.nacos:nacos-client (Maven) Jul 6, 2022
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed
CVE-2023-0391 was published Mar 21, 2023
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege... High Unreviewed
CVE-2022-42973 was published Feb 1, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application... High Unreviewed
CVE-2023-23132 was published Feb 1, 2023
In the Zingbox Inspector, versions 1.294 and earlier, hardcoded credentials for root and... High Unreviewed
CVE-2019-15015 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database