GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,327 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker... Critical Unreviewed

CVE-2020-21995 was published May 24, 2022

IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic... Critical Unreviewed

CVE-2021-20426 was published May 24, 2022

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in... Moderate Unreviewed

CVE-2021-27481 was published May 24, 2022

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0... High Unreviewed

CVE-2021-34812 was published May 24, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender... Critical Unreviewed

CVE-2021-34601 was published Apr 28, 2022

UNNO v03.11.00 was discovered to contain access control issue. Critical Unreviewed

CVE-2022-25521 was published Mar 30, 2022

In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented... High Unreviewed

CVE-2021-33540 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded... High Unreviewed

CVE-2021-33531 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic... High Unreviewed

CVE-2021-33529 was published May 24, 2022

This vulnerability allows attackers with physical access to escalate privileges on affected... High Unreviewed

CVE-2021-31505 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API... High Unreviewed

CVE-2021-33220 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard... Critical Unreviewed

CVE-2021-33219 was published May 24, 2022

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local... High Unreviewed

CVE-2021-32521 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard... Critical Unreviewed

CVE-2021-33218 was published May 24, 2022

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in... High Unreviewed

CVE-2021-24005 was published May 24, 2022

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14... High Unreviewed

CVE-2021-20748 was published May 24, 2022

Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by... High Unreviewed

CVE-2021-0279 was published May 24, 2022

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK... Critical Unreviewed

CVE-2021-21820 was published May 24, 2022

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D... High Unreviewed

CVE-2021-21818 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2021-20537 was published May 24, 2022

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin... Critical Unreviewed

CVE-2021-35961 was published May 24, 2022

Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a... Critical Unreviewed

CVE-2020-5349 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /... Critical Unreviewed

CVE-2021-22707 was published May 24, 2022

Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser... Critical Unreviewed

CVE-2021-31579 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /... Critical Unreviewed

CVE-2021-22730 was published May 24, 2022

Previous 1…13…54 Next

Previous 1 2 … 11 12 13 14 15 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,327 advisories