GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,327 advisories
ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image,...
Critical
Unreviewed
CVE-2021-41299 was published May 24, 2022
An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless...
Critical
Unreviewed
CVE-2016-8717 was published May 13, 2022
Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports,...
Critical
Unreviewed
CVE-2022-1400 was published Aug 18, 2022
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus...
Moderate
Unreviewed
CVE-2021-34577 was published Nov 9, 2022
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is...
Critical
Unreviewed
CVE-2022-40111 was published Sep 7, 2022
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config...
Critical
Unreviewed
CVE-2022-36672 was published Sep 2, 2022
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root...
Critical
Unreviewed
CVE-2022-36558 was published Aug 30, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to...
Critical
Unreviewed
CVE-2019-3932 was published May 24, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames,...
High
Unreviewed
CVE-2019-3938 was published May 24, 2022
Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded...
Critical
Unreviewed
CVE-2022-36560 was published Aug 30, 2022
admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain...
High
Unreviewed
CVE-2006-7074 was published May 1, 2022
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that...
High
Unreviewed
CVE-2022-31269 was published Aug 26, 2022
Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials...
Critical
Unreviewed
CVE-2019-3939 was published May 24, 2022
The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with...
High
Unreviewed
CVE-2007-1063 was published May 1, 2022
In PCTechSoft PCSecure V5.0.8.xw, use of Hard-coded Credentials in configuration files leads to...
High
Unreviewed
CVE-2022-42176 was published Oct 20, 2022
MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's...
High
Unreviewed
CVE-2022-30036 was published Aug 22, 2022
Use of hard-coded credentials for the telnet server of CentreCOM AR260S V2 firmware versions...
Critical
Unreviewed
CVE-2022-38394 was published Sep 9, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of...
Critical
Unreviewed
CVE-2009-5154 was published May 2, 2022
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO...
Moderate
Unreviewed
CVE-2013-1603 was published May 5, 2022
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access...
Critical
Unreviewed
CVE-2021-38969 was published May 12, 2022
A hard-coded password vulnerability exists in the console infactory functionality of InHand...
High
Unreviewed
CVE-2022-27172 was published May 13, 2022
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows...
Moderate
Unreviewed
CVE-2012-4712 was published May 13, 2022
Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptographic key vulnerability due...
High
Unreviewed
CVE-2019-3710 was published May 13, 2022
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample.
Critical
Unreviewed
CVE-2022-35491 was published Aug 11, 2022
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3...
Critical
Unreviewed
CVE-2017-7574 was published May 13, 2022