GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,167 advisories
Filter by severity
MEDHOST Document Management System contains hard-coded credentials that are used for customer...
Critical
Unreviewed
CVE-2017-11693
was published
May 17, 2022
The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted...
High
Unreviewed
CVE-2017-5230
was published
May 17, 2022
LinkPlay Sound Bar v1.0 allows attackers to escalate privileges via a hardcoded password for the...
Critical
Unreviewed
CVE-2022-28605
was published
Jun 3, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to...
Critical
Unreviewed
CVE-2022-30234
was published
Jun 3, 2022
A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very...
Critical
Unreviewed
CVE-2017-20039
was published
Jun 12, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the...
Moderate
Unreviewed
CVE-2021-42892
was published
Jun 4, 2022
WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an...
High
Unreviewed
CVE-2017-2280
was published
May 17, 2022
MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr...
Critical
Unreviewed
CVE-2017-11694
was published
May 17, 2022
Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password ...
High
Unreviewed
CVE-2022-31462
was published
Jun 3, 2022
Backup archives were found to be encrypted with a static password across different installations,...
Critical
Unreviewed
CVE-2017-11380
was published
May 17, 2022
WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an...
High
Unreviewed
CVE-2017-2283
was published
May 17, 2022
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An...
Critical
Unreviewed
CVE-2017-11614
was published
May 17, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate
Unreviewed
CVE-2021-1576
was published
May 24, 2022
Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a...
Critical
Unreviewed
CVE-2022-29525
was published
Jun 14, 2022
Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded...
High
Unreviewed
CVE-2022-31460
was published
Jun 3, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES...
Moderate
Unreviewed
CVE-2022-25807
was published
Jun 10, 2022
MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion.
High
Unreviewed
CVE-2022-36171
was published
Aug 20, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
High
Unreviewed
CVE-2021-1574
was published
May 24, 2022
Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is...
Critical
Unreviewed
CVE-2022-30422
was published
Jun 18, 2022
A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum...
High
Unreviewed
CVE-2022-26476
was published
Jun 15, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is...
Critical
Unreviewed
CVE-2017-11129
was published
May 17, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
High
Unreviewed
CVE-2017-9488
was published
May 17, 2022
Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller...
High
Unreviewed
CVE-2022-30997
was published
Jun 29, 2022
A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the...
High
Unreviewed
CVE-2020-36547
was published
Jun 18, 2022
Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier, Toshiba Home gateway HEM...
Critical
Unreviewed
CVE-2017-2236
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API