GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,327 advisories
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an...
Moderate, Unreviewed, CVE-2021-34757 was published May 24, 2022

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an...
Moderate, Unreviewed, CVE-2021-34744 was published May 24, 2022

A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2...
Critical, Unreviewed, CVE-2021-38456 was published May 24, 2022

A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with...
Moderate, Unreviewed, CVE-2021-41320 was published May 24, 2022

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key...
High, Unreviewed, CVE-2021-38461 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
Critical, Unreviewed, CVE-2021-34795 was published May 24, 2022

A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow...
Critical, Unreviewed, CVE-2021-40119 was published May 24, 2022

Airangel HSMX Gateway devices through 5.2.04 have Hard-coded Database Credentials.
Critical, Unreviewed, CVE-2021-40519 was published May 24, 2022

** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt...
Moderate, Unreviewed, CVE-2021-43575 was published May 24, 2022

D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which...
Critical, Unreviewed, CVE-2017-11436 was published May 24, 2022

D-Link DGS-1500 Ax devices before 2.51B021 have a hardcoded password, which allows remote...
Critical, Unreviewed, CVE-2017-15909 was published May 24, 2022

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could...
Moderate, Unreviewed, CVE-2019-4220 was published May 24, 2022

Linear eMerge E3-Series devices have Hard-coded Credentials.
Critical, Unreviewed, CVE-2019-7261 was published May 24, 2022

Linear eMerge E3-Series devices allow Remote Code Execution (root access over SSH).
Critical, Unreviewed, CVE-2019-7265 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could...
Low, Unreviewed, CVE-2019-4309 was published May 24, 2022

Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ...
Moderate, Unreviewed, CVE-2019-13543 was published May 24, 2022

Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak...
High, Unreviewed, CVE-2020-15382 was published May 24, 2022

A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions...
Moderate, Unreviewed, CVE-2019-6859 was published May 24, 2022

The vulnerability of hard-coded default credentials in QSAN SANOS allows unauthenticated remote...
Critical, Unreviewed, CVE-2021-32535 was published May 24, 2022

The same hard-coded password in QSAN Storage Manager's in the firmware allows remote attackers to...
Critical, Unreviewed, CVE-2021-32525 was published May 24, 2022

Use of hard-coded cryptographic key vulnerability in QSAN Storage Manager allows attackers to...
Critical, Unreviewed, CVE-2021-32520 was published May 24, 2022

A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend...
Moderate, Unreviewed, CVE-2021-32459 was published May 24, 2022

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire...
Critical, Unreviewed, CVE-2020-25565 was published May 24, 2022

ECOA BAS controller is vulnerable to hard-coded credentials within its Linux distribution image,...
Critical, Unreviewed, CVE-2021-41299 was published May 24, 2022

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the...
Moderate, Unreviewed, CVE-2020-27278 was published May 24, 2022