GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,910

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,145 advisories

Filter by severity

Sort by

Least recently updated

D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of... Critical Unreviewed

CVE-2015-7246 was published May 17, 2022

IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password... High Unreviewed

CVE-2020-4157 was published Jul 13, 2022

An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject... Critical Unreviewed

CVE-2022-31210 was published Jul 18, 2022

Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for... Critical Unreviewed

CVE-2015-2885 was published May 17, 2022

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0.... Critical Unreviewed

CVE-2017-6403 was published May 17, 2022

Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account,... Critical Unreviewed

CVE-2016-10308 was published May 17, 2022

Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This... High Unreviewed

CVE-2022-32389 was published Jul 15, 2022

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a... Critical Unreviewed

CVE-2022-26138 was published Jul 21, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5... High Unreviewed

CVE-2022-29060 was published Jul 20, 2022

OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine... Critical Unreviewed

CVE-2022-32965 was published Aug 5, 2022

Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed

CVE-2017-7648 was published May 17, 2022

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded... Critical Unreviewed

CVE-2016-8567 was published May 17, 2022

D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which... High Unreviewed

CVE-2016-10125 was published May 17, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29962 was published Jul 27, 2022

Disclosure of information - the system allows you to view usernames and passwords without... High Unreviewed

CVE-2022-30622 was published Jul 18, 2022

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow... Critical Unreviewed

CVE-2022-24657 was published Jul 21, 2022

IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password... High Unreviewed

CVE-2022-35287 was published Jul 26, 2022

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34440 was published Jan 11, 2023

NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8... Critical Unreviewed

CVE-2016-10115 was published May 17, 2022

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older.... Critical Unreviewed

CVE-2016-5818 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Critical Unreviewed

CVE-2021-22644 was published Jul 29, 2022

Le-yan Personnel and Salary Management System has hard-coded database account and password within... Critical Unreviewed

CVE-2022-38116 was published Aug 31, 2022

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption... Critical Unreviewed

CVE-2022-34045 was published Jul 21, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,... Critical Unreviewed

CVE-2022-22522 was published Sep 29, 2022

Previous 1 2 3 4 5 6 7 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,145 advisories