GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,490

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

417 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller... High Unreviewed

CVE-2019-3496 was published May 13, 2022

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. The tools/ping... High Unreviewed

CVE-2019-3497 was published May 13, 2022

Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due... High Unreviewed

CVE-2019-3710 was published May 13, 2022

A hard-coded password vulnerability exists in the console infactory functionality of InHand... High Unreviewed

CVE-2022-27172 was published May 13, 2022

Use of static encryption key material allows forging an authentication token to other users... High Unreviewed

CVE-2022-23724 was published May 5, 2022

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed

CVE-2008-1160 was published May 1, 2022

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed

CVE-2008-0961 was published May 1, 2022

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with... High Unreviewed

CVE-2007-1063 was published May 1, 2022

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain... High Unreviewed

CVE-2006-7074 was published May 1, 2022

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back... High Unreviewed

CVE-2005-0496 was published May 1, 2022

The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known... High Unreviewed

CVE-2000-1139 was published Apr 30, 2022

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA... High Unreviewed

CVE-2022-29856 was published Apr 30, 2022

ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote... High Unreviewed

CVE-2022-26672 was published Apr 23, 2022

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance... High Unreviewed

CVE-2022-20773 was published Apr 22, 2022

Taiwan Secom Dr.ID Access Control system’s login page has a hard-coded credential in the source... High Unreviewed

CVE-2022-26671 was published Apr 8, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in the registration mechanism of... High Unreviewed

CVE-2022-23440 was published Apr 7, 2022

In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official... High Unreviewed

CVE-2021-46008 was published Apr 1, 2022

Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded... High Unreviewed

CVE-2022-25246 was published Mar 17, 2022

RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted... High Unreviewed

CVE-2022-26660 was published Mar 17, 2022

Improper physical access control and use of hard-coded credentials in /etc/passwd permits an... High Unreviewed

CVE-2022-25213 was published Mar 11, 2022

Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on... High Unreviewed

CVE-2022-25217 was published Mar 11, 2022

Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to... High Unreviewed

CVE-2022-24255 was published Mar 3, 2022

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data... High Unreviewed

CVE-2021-46247 was published Feb 18, 2022

BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat... High Unreviewed

CVE-2022-22765 was published Feb 15, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information... High Unreviewed

CVE-2022-22722 was published Feb 11, 2022

Previous 1 2 … 13 14 15 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

417 advisories