Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

435 advisories

Loading
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed
CVE-2023-0391 was published Mar 21, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet... High Unreviewed
CVE-2023-24147 was published Feb 3, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application... High Unreviewed
CVE-2023-23132 was published Feb 1, 2023
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege... High Unreviewed
CVE-2022-42973 was published Feb 1, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed
CVE-2023-20038 was published Jan 20, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism.... High Unreviewed
CVE-2022-36925 was published Jan 9, 2023
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX... High Unreviewed
CVE-2022-4780 was published Dec 29, 2022
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An... High Unreviewed
CVE-2022-45425 was published Dec 27, 2022
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin... High Unreviewed
CVE-2022-36222 was published Dec 21, 2022
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server.... High Unreviewed
CVE-2021-35252 was published Dec 20, 2022
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed
CVE-2022-2660 was published Dec 14, 2022
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... High Unreviewed
CVE-2022-46411 was published Dec 4, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29827 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29828 was published Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1... High Unreviewed
CVE-2022-29831 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29829 was published Nov 25, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric GX Works3 all versions allows an... High Unreviewed
CVE-2022-29825 was published Nov 25, 2022
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: ... High Unreviewed
CVE-2022-37710 was published Nov 7, 2022
BD Totalys MultiProcessor, versions 1.70 and earlier, contain hardcoded credentials. If exploited... High Unreviewed
CVE-2022-40263 was published Nov 5, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco... High Unreviewed
CVE-2022-20868 was published Nov 4, 2022
Use of hard-coded TLS certificate by default allows an attacker to perform Man-in-the-Middle ... High Unreviewed
CVE-2021-4228 was published Oct 24, 2022
In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to... High Unreviewed
CVE-2022-42176 was published Oct 20, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a... High Unreviewed
CVE-2022-38420 was published Oct 15, 2022
Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2022-34425 was published Oct 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database