GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,145 advisories
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer...
Critical | Unreviewed | CVE-2017-11743 was published May 17, 2022

MEDHOST Document Management System contains hard-coded credentials that are used for customer...
Critical | Unreviewed | CVE-2017-11693 was published May 17, 2022

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted...
High | Unreviewed | CVE-2017-5230 was published May 17, 2022

LinkPlay Sound Bar v1.0 allows attackers to escalate privileges via a hardcoded password for the...
Critical | Unreviewed | CVE-2022-28605 was published Jun 3, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to...
Critical | Unreviewed | CVE-2022-30234 was published Jun 3, 2022

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very...
Critical | Unreviewed | CVE-2017-20039 was published Jun 12, 2022

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the...
Moderate | Unreviewed | CVE-2021-42892 was published Jun 4, 2022

WN-AX1167GR firmware version 3.00 and earlier uses hardcoded credentials which may allow an...
High | Unreviewed | CVE-2017-2280 was published May 17, 2022

MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr...
Critical | Unreviewed | CVE-2017-11694 was published May 17, 2022

Owl Labs Meeting Owl 5.2.0.15 allows attackers to control the device via a backdoor password ...
High | Unreviewed | CVE-2022-31462 was published Jun 3, 2022

Backup archives were found to be encrypted with a static password across different installations,...
Critical | Unreviewed | CVE-2017-11380 was published May 17, 2022

WN-G300R3 firmware version 1.0.2 and earlier uses hardcoded credentials which may allow an...
High | Unreviewed | CVE-2017-2283 was published May 17, 2022

MEDHOST Connex contains hard-coded credentials that are used for customer database access. An...
Critical | Unreviewed | CVE-2017-11614 was published May 17, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate | Unreviewed | CVE-2021-1576 was published May 24, 2022

Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a...
Critical | Unreviewed | CVE-2022-29525 was published Jun 14, 2022

Owl Labs Meeting Owl 5.2.0.15 allows attackers to activate Tethering Mode with hard-coded...
High | Unreviewed | CVE-2022-31460 was published Jun 3, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES...
Moderate | Unreviewed | CVE-2022-25807 was published Jun 10, 2022

MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion.
High | Unreviewed | CVE-2022-36171 was published Aug 20, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
High | Unreviewed | CVE-2021-1574 was published May 24, 2022

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is...
Critical | Unreviewed | CVE-2022-30422 was published Jun 18, 2022

A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum...
High | Unreviewed | CVE-2022-26476 was published Jun 15, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The keystore is...
Critical | Unreviewed | CVE-2017-11129 was published May 17, 2022

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
High | Unreviewed | CVE-2017-9488 was published May 17, 2022

Use of hard-coded credentials vulnerability exists in STARDOM FCN Controller and FCJ Controller...
High | Unreviewed | CVE-2022-30997 was published Jun 29, 2022

A vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the...
High | Unreviewed | CVE-2020-36547 was published Jun 18, 2022