Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter... High Unreviewed
CVE-2022-31619 was published Jun 15, 2022
Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc... Critical Unreviewed
CVE-2022-34993 was published Aug 5, 2022
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed
CVE-2021-27503 was published May 24, 2022
An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus... Critical Unreviewed
CVE-2021-37163 was published May 24, 2022
Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a... Critical Unreviewed
CVE-2021-27952 was published May 24, 2022
SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This... High Unreviewed
CVE-2020-25561 was published May 24, 2022
KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys Critical
CVE-2023-22463 was published for github.com/KubeOperator/kubepi (Go) Jan 6, 2023
A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below,... Critical Unreviewed
CVE-2021-32588 was published May 24, 2022
Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron... High Unreviewed
CVE-2021-39245 was published May 24, 2022
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed
CVE-2022-38557 was published Aug 29, 2022
Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed
CVE-2022-38556 was published Aug 29, 2022
D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc... Critical Unreviewed
CVE-2021-39614 was published May 24, 2022
Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt... Moderate Unreviewed
CVE-2021-36234 was published May 24, 2022
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at ... High Unreviewed
CVE-2022-36610 was published Aug 29, 2022
An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can... High Unreviewed
CVE-2021-33484 was published May 24, 2022
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a... High Unreviewed
CVE-2022-36616 was published Aug 29, 2022
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36611 was published Aug 29, 2022
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36614 was published Aug 29, 2022
TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root... High Unreviewed
CVE-2022-36615 was published Aug 29, 2022
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root... High Unreviewed
CVE-2022-36612 was published Aug 29, 2022
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36613 was published Aug 29, 2022
BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key... High Unreviewed
CVE-2021-28912 was published May 24, 2022
Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an... Moderate Unreviewed
CVE-2021-34571 was published May 24, 2022
A vulnerability involving insecure storage of sensitive information has been reported to affect... High Unreviewed
CVE-2021-28813 was published May 24, 2022
REINER timeCard 6.05.07 installs a Microsoft SQL Server with an sa password that is hardcoded in... Critical Unreviewed
CVE-2021-33583 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database