GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
418 advisories
Filter by severity
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin...
High
Unreviewed
CVE-2022-36222
was published
Dec 21, 2022
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server....
High
Unreviewed
CVE-2021-35252
was published
Dec 20, 2022
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a...
High
Unreviewed
CVE-2022-2660
was published
Dec 14, 2022
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through...
High
Unreviewed
CVE-2022-46411
was published
Dec 4, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29827
was published
Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1...
High
Unreviewed
CVE-2022-29831
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29828
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29829
was published
Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an...
High
Unreviewed
CVE-2022-29825
was published
Nov 25, 2022
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: ...
High
Unreviewed
CVE-2022-37710
was published
Nov 7, 2022
BD Totalys MultiProcessor, versions 1.70 and earlier, contain hardcoded credentials. If exploited...
High
Unreviewed
CVE-2022-40263
was published
Nov 5, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco...
High
Unreviewed
CVE-2022-20868
was published
Nov 4, 2022
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle ...
High
Unreviewed
CVE-2021-4228
was published
Oct 24, 2022
In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to...
High
Unreviewed
CVE-2022-42176
was published
Oct 20, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a...
High
Unreviewed
CVE-2022-38420
was published
Oct 15, 2022
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An...
High
Unreviewed
CVE-2022-34425
was published
Oct 11, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.
High
Unreviewed
CVE-2020-15327
was published
Sep 30, 2022
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for...
High
Unreviewed
CVE-2022-36159
was published
Sep 27, 2022
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges...
High
Unreviewed
CVE-2022-31322
was published
Sep 14, 2022
bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank. This hardcoded...
High
Unreviewed
CVE-2022-37857
was published
Sep 9, 2022
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow...
High
Unreviewed
CVE-2022-37841
was published
Sep 7, 2022
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root...
High
Unreviewed
CVE-2022-36612
was published
Aug 29, 2022
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36611
was published
Aug 29, 2022
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36613
was published
Aug 29, 2022
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36614
was published
Aug 29, 2022
ProTip!
Advisories are also available from the
GraphQL API