GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31 advisories
Filter by severity
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd...
Critical
Unreviewed
CVE-2022-22144
was published
Aug 6, 2022
The software contains a hard-coded password it uses for its own inbound authentication or for...
Critical
Unreviewed
CVE-2021-27440
was published
May 24, 2022
A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4...
Critical
Unreviewed
CVE-2021-22729
was published
May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
Critical
Unreviewed
CVE-2021-38456
was published
May 24, 2022
The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to...
Critical
Unreviewed
CVE-2021-32525
was published
May 24, 2022
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected...
Critical
Unreviewed
CVE-2014-125030
was published
Jan 1, 2023
The software contains a hard-coded password that could allow an attacker to take control of the...
Critical
Unreviewed
CVE-2021-27452
was published
May 24, 2022
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is...
Critical
Unreviewed
CVE-2023-2645
was published
May 11, 2023
Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Password Vulnerability. A...
Critical
Unreviewed
CVE-2021-36312
was published
Nov 24, 2021
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an...
Critical
Unreviewed
CVE-2018-25069
was published
Jan 7, 2023
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an...
Critical
Unreviewed
CVE-2022-41653
was published
Dec 14, 2022
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2...
Critical
Unreviewed
CVE-2022-45444
was published
Jul 6, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site...
Critical
Unreviewed
CVE-2023-23770
was published
Aug 29, 2023
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32741
was published
May 14, 2024
CyberPower PowerPanel business
application code contains a hard-coded JWT signing key. This...
Critical
Unreviewed
CVE-2024-33625
was published
May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ...
Critical
Unreviewed
CVE-2024-34025
was published
May 15, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing...
Critical
Unreviewed
CVE-2024-2197
was published
Mar 20, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,...
Critical
Unreviewed
CVE-2024-28010
was published
Mar 28, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to...
Critical
Unreviewed
CVE-2024-34539
was published
Jun 14, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-38902
was published
Jun 24, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical
Unreviewed
CVE-2023-46685
was published
Jul 8, 2024
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and...
Critical
Unreviewed
CVE-2022-30271
was published
Jul 27, 2022
ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key.
Critical
Unreviewed
CVE-2024-36526
was published
Jul 9, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as...
Critical
Unreviewed
CVE-2024-7332
was published
Aug 1, 2024
Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote...
Critical
Unreviewed
CVE-2024-27488
was published
Apr 8, 2024
ProTip!
Advisories are also available from the
GraphQL API