GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,936
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,154
NuGet 736
pip 3,953
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 270,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,327 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'... High Unreviewed

CVE-2020-12627 was published May 24, 2022

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower... Low Unreviewed

CVE-2020-3301 was published May 24, 2022

Multiple vulnerabilities in Cisco Firepower Management Center (FMC) Software and Cisco Firepower... High Unreviewed

CVE-2020-3318 was published May 24, 2022

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code... High Unreviewed

CVE-2020-13166 was published May 24, 2022

An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by... Moderate Unreviewed

CVE-2020-13414 was published May 24, 2022

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829... High Unreviewed

CVE-2020-3234 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader... High Unreviewed

CVE-2020-7498 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1... Moderate Unreviewed

CVE-2020-7501 was published May 24, 2022

Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in... Moderate Unreviewed

CVE-2020-9289 was published May 24, 2022

The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This... Critical Unreviewed

CVE-2020-10276 was published May 24, 2022

An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login... High Unreviewed

CVE-2020-14070 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account... Moderate Unreviewed

CVE-2020-15318 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config... Critical Unreviewed

CVE-2020-15324 was published May 24, 2022

The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default... Moderate Unreviewed

CVE-2020-8573 was published May 24, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in... Low Unreviewed

CVE-2020-7515 was published May 24, 2022

The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows... High Unreviewed

CVE-2020-7352 was published May 24, 2022

The Temi application 1.3.3 through 1.3.7931 for Android has hard-coded credentials. High Unreviewed

CVE-2020-16170 was published May 24, 2022

The client (aka GalaxyClientService.exe) in GOG GALAXY 2.0.19 allows local privilege escalation... Moderate Unreviewed

CVE-2020-24574 was published May 24, 2022

GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for... High Unreviewed

CVE-2020-14510 was published May 24, 2022

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to... Moderate Unreviewed

CVE-2020-24115 was published May 24, 2022

Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9... High Unreviewed

CVE-2018-17771 was published May 24, 2022

Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9... High Unreviewed

CVE-2018-17767 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. PKI... Moderate Unreviewed

CVE-2020-25256 was published May 24, 2022

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet... Critical Unreviewed

CVE-2018-20432 was published May 24, 2022

Previous 1…20…54 Next

Previous 1 2 … 18 19 20 21 22 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,327 advisories