GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,400
Composer 4,386
Erlang 33
GitHub Actions 22
Go 2,141
Maven 5,315
npm 3,803
NuGet 687
pip 3,480
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,649

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

435 advisories

Filter by severity

Sort by

Least recently updated

IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password... High Unreviewed

CVE-2022-35287 was published Jul 26, 2022

A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2.... High Unreviewed

CVE-2022-34906 was published Jul 26, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5... High Unreviewed

CVE-2022-29060 was published Jul 20, 2022

This vulnerability affects all of the company's products that also include the FW versions:... High Unreviewed

CVE-2022-30627 was published Jul 19, 2022

Disclosure of information - the system allows you to view usernames and passwords without... High Unreviewed

CVE-2022-30622 was published Jul 18, 2022

Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This... High Unreviewed

CVE-2022-32389 was published Jul 15, 2022

IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password... High Unreviewed

CVE-2020-4157 was published Jul 13, 2022

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller... High Unreviewed

CVE-2022-30997 was published Jun 29, 2022

A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the... High Unreviewed

CVE-2020-36547 was published Jun 18, 2022

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum... High Unreviewed

CVE-2022-26476 was published Jun 15, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter... High Unreviewed

CVE-2022-31619 was published Jun 15, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES... High Unreviewed

CVE-2022-25806 was published Jun 10, 2022

** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary... High Unreviewed

CVE-2022-29778 was published Jun 4, 2022

Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded... High Unreviewed

CVE-2022-31460 was published Jun 3, 2022

Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password ... High Unreviewed

CVE-2022-31462 was published Jun 3, 2022

An attacker can gain VxWorks Shell after login due to hard-coded credentials on a KUKA KR C4... High Unreviewed

CVE-2021-33014 was published May 27, 2022

Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak... High Unreviewed

CVE-2020-15382 was published May 24, 2022

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key... High Unreviewed

CVE-2021-38461 was published May 24, 2022

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials for read-only... High Unreviewed

CVE-2021-41827 was published May 24, 2022

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with... High Unreviewed

CVE-2021-41828 was published May 24, 2022

A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed

CVE-2021-28813 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key... High Unreviewed

CVE-2021-28912 was published May 24, 2022

An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can... High Unreviewed

CVE-2021-33484 was published May 24, 2022

Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron... High Unreviewed

CVE-2021-39245 was published May 24, 2022

SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This... High Unreviewed

CVE-2020-25561 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

435 advisories