GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
412 advisories
Filter by severity
An issue was discovered on Victure WR1200 devices through 1.0.3. The root SSH password never gets...
High
Unreviewed
CVE-2021-43284
was published
Dec 1, 2021
A use of hard-coded cryptographic key vulnerability in the SSLVPN of FortiOS before 7.0.1 may...
High
Unreviewed
CVE-2021-26108
was published
Dec 9, 2021
A combination of a use of hard-coded cryptographic key vulnerability [CWE-321] in FortiClientEMS...
High
Unreviewed
CVE-2021-41028
was published
Dec 17, 2021
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
High
Unreviewed
CVE-2021-44207
was published
Dec 22, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by a hardcoded password.
High
Unreviewed
CVE-2021-45522
was published
Dec 27, 2021
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10...
High
Unreviewed
CVE-2021-45520
was published
Dec 27, 2021
IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a...
High
Unreviewed
CVE-2021-32993
was published
Dec 28, 2021
Netgear Nighthawk R6700 version 1.0.4.120 makes use of a hardcoded credential. It does not appear...
High
Unreviewed
CVE-2021-45732
was published
Dec 31, 2021
Netgear RAX43 version 1.0.3.96 makes use of hardcoded credentials. It does not appear that normal...
High
Unreviewed
CVE-2021-20170
was published
Dec 31, 2021
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded...
High
Unreviewed
CVE-2021-20132
was published
Dec 31, 2021
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL -...
High
Unreviewed
CVE-2021-43052
was published
Jan 12, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <...
High
Unreviewed
CVE-2021-45033
was published
Jan 12, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware...
High
Unreviewed
CVE-2021-20612
was published
Jan 15, 2022
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric...
High
Unreviewed
CVE-2021-23842
was published
Jan 20, 2022
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely...
High
Unreviewed
CVE-2021-44464
was published
Jan 22, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to...
High
Unreviewed
CVE-2021-42635
was published
Feb 1, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that...
High
Unreviewed
CVE-2021-42833
was published
Feb 8, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information...
High
Unreviewed
CVE-2022-22722
was published
Feb 11, 2022
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat...
High
Unreviewed
CVE-2022-22765
was published
Feb 15, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data...
High
Unreviewed
CVE-2021-46247
was published
Feb 18, 2022
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to...
High
Unreviewed
CVE-2022-24255
was published
Mar 3, 2022
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on...
High
Unreviewed
CVE-2022-25217
was published
Mar 11, 2022
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an...
High
Unreviewed
CVE-2022-25213
was published
Mar 11, 2022
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted...
High
Unreviewed
CVE-2022-26660
was published
Mar 17, 2022
Axeda agent (All versions) and Axeda Desktop Server for Windows (All versions) uses hard-coded...
High
Unreviewed
CVE-2022-25246
was published
Mar 17, 2022
ProTip!
Advisories are also available from the
GraphQL API