GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
417 advisories
Filter by severity
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High
Unreviewed
CVE-2023-36623
was published
Jul 5, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code...
High
Unreviewed
CVE-2023-32274
was published
Jun 20, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN...
High
Unreviewed
CVE-2023-25187
was published
Jun 16, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High
Unreviewed
CVE-2023-2637
was published
Jun 13, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker...
High
Unreviewed
CVE-2022-47617
was published
Jun 2, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2061
was published
Jun 2, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider...
High
Unreviewed
CVE-2023-28937
was published
Jun 1, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials
High
Unreviewed
CVE-2023-31184
was published
May 30, 2023
This vulnerability enables ssh access to minikube container using a default password.
High
Unreviewed
CVE-2023-1944
was published
May 24, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10...
High
Unreviewed
CVE-2023-27512
was published
May 23, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC...
High
Unreviewed
CVE-2023-26203
was published
May 4, 2023
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded...
High
Unreviewed
CVE-2022-41398
was published
Apr 28, 2023
The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte...
High
Unreviewed
CVE-2022-41399
was published
Apr 28, 2023
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote...
High
Unreviewed
CVE-2022-45291
was published
Apr 25, 2023
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---...
High
Unreviewed
CVE-2022-37255
was published
Apr 16, 2023
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials...
High
Unreviewed
CVE-2023-22429
was published
Apr 11, 2023
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the...
High
Unreviewed
CVE-2023-0391
was published
Mar 21, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet...
High
Unreviewed
CVE-2023-24147
was published
Feb 3, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application...
High
Unreviewed
CVE-2023-23132
was published
Feb 1, 2023
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege...
High
Unreviewed
CVE-2022-42973
was published
Feb 1, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an...
High
Unreviewed
CVE-2023-20038
was published
Jan 20, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password...
High
Unreviewed
CVE-2022-34462
was published
Jan 18, 2023
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism....
High
Unreviewed
CVE-2022-36925
was published
Jan 9, 2023
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX...
High
Unreviewed
CVE-2022-4780
was published
Dec 29, 2022
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An...
High
Unreviewed
CVE-2022-45425
was published
Dec 27, 2022
ProTip!
Advisories are also available from the
GraphQL API