GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,291 advisories
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with...
High | Unreviewed | CVE-2020-5351 was published May 24, 2022

TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related...
Critical | Unreviewed | CVE-2021-37555 was published May 24, 2022

Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser...
Critical | Unreviewed | CVE-2021-31579 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /...
Critical | Unreviewed | CVE-2021-22707 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /...
Critical | Unreviewed | CVE-2021-22730 was published May 24, 2022

Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a...
Critical | Unreviewed | CVE-2020-5349 was published May 24, 2022

KNX ETS5 uses the hard-coded password ETS5Password, with a salt value of Ivan Medvedev.
Critical | Unreviewed | CVE-2021-36799 was published May 24, 2022

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK...
Critical | Unreviewed | CVE-2021-21820 was published May 24, 2022

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D...
High | Unreviewed | CVE-2021-21818 was published May 24, 2022

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-coded admin...
Critical | Unreviewed | CVE-2021-35961 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or...
Moderate | Unreviewed | CVE-2021-20537 was published May 24, 2022

Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by...
High | Unreviewed | CVE-2021-0279 was published May 24, 2022

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14...
High | Unreviewed | CVE-2021-20748 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
Moderate | Unreviewed | CVE-2021-1576 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process...
High | Unreviewed | CVE-2021-1574 was published May 24, 2022

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local...
High | Unreviewed | CVE-2021-32521 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API...
High | Unreviewed | CVE-2021-33220 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard...
Critical | Unreviewed | CVE-2021-33218 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard...
Critical | Unreviewed | CVE-2021-33219 was published May 24, 2022

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in...
High | Unreviewed | CVE-2021-24005 was published May 24, 2022

This vulnerability allows attackers with physical access to escalate privileges on affected...
High | Unreviewed | CVE-2021-31505 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded...
High | Unreviewed | CVE-2021-33531 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic...
High | Unreviewed | CVE-2021-33529 was published May 24, 2022

In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented...
High | Unreviewed | CVE-2021-33540 was published May 24, 2022

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0...
High | Unreviewed | CVE-2021-34812 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.