GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,155
Composer 4,335
Erlang 31
GitHub Actions 22
Go 2,096
Maven 5,269
npm 3,762
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,794

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

436 advisories

Filter by severity

Sort by

Least recently updated

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic... High Unreviewed

CVE-2021-33529 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded... High Unreviewed

CVE-2021-33531 was published May 24, 2022

In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented... High Unreviewed

CVE-2021-33540 was published May 24, 2022

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0... High Unreviewed

CVE-2021-34812 was published May 24, 2022

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),... High Unreviewed

CVE-2021-27392 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed

CVE-2021-31477 was published May 24, 2022

IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or... High Unreviewed

CVE-2021-29691 was published May 24, 2022

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default... High Unreviewed

CVE-2021-20025 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic... High Unreviewed

CVE-2020-4932 was published May 24, 2022

The default administrator account & password of the EDIMAX wireless network camera is hard-coded.... High Unreviewed

CVE-2021-30165 was published May 24, 2022

An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored... High Unreviewed

CVE-2021-25898 was published May 24, 2022

A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were... High Unreviewed

CVE-2020-1716 was published May 24, 2022

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code... High Unreviewed

CVE-2021-28111 was published May 24, 2022

SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access... High Unreviewed

CVE-2021-32454 was published May 24, 2022

On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption... High Unreviewed

CVE-2020-14099 was published May 24, 2022

An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8... High Unreviewed

CVE-2020-28999 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic... High Unreviewed

CVE-2021-20401 was published May 24, 2022

In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow... High Unreviewed

CVE-2022-37841 was published Sep 7, 2022

'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded... High Unreviewed

CVE-2022-35734 was published Aug 17, 2022

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion... High Unreviewed

CVE-2021-0245 was published May 24, 2022

An issue was discovered on Athom Homey and Homey Pro devices before 5.0.0. ZigBee hub devices... High Unreviewed

CVE-2020-28952 was published May 24, 2022

This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed

CVE-2021-27254 was published May 24, 2022

Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: ... High Unreviewed

CVE-2022-37710 was published Nov 7, 2022

An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an... High Unreviewed

CVE-2019-25021 was published May 24, 2022

Helpcom before v10.0 contains a file download and execution vulnerability caused by storing... High Unreviewed

CVE-2020-7846 was published May 24, 2022

Previous 1 2 … 12 13 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

436 advisories