Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Loading
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-31477 was published May 24, 2022
ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in... Moderate Unreviewed
CVE-2021-27481 was published May 24, 2022
An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel... Moderate Unreviewed
CVE-2020-25752 was published May 24, 2022
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a... Moderate Unreviewed
CVE-2021-3565 was published May 24, 2022
A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were... High Unreviewed
CVE-2020-1716 was published May 24, 2022
IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic... Critical Unreviewed
CVE-2021-20426 was published May 24, 2022
Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code... High Unreviewed
CVE-2021-28111 was published May 24, 2022
IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or... High Unreviewed
CVE-2021-29691 was published May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access... High Unreviewed
CVE-2021-32454 was published May 24, 2022
SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default... High Unreviewed
CVE-2021-20025 was published May 24, 2022
The affected product allows attackers to obtain sensitive information from the WISE-PaaS... Critical Unreviewed
CVE-2021-27437 was published May 24, 2022
Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a... Critical Unreviewed
CVE-2021-28152 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic... High Unreviewed
CVE-2021-20401 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic... High Unreviewed
CVE-2020-4932 was published May 24, 2022
Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker... Critical Unreviewed
CVE-2020-21995 was published May 24, 2022
The default administrator account & password of the EDIMAX wireless network camera is hard-coded.... High Unreviewed
CVE-2021-30165 was published May 24, 2022
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored... High Unreviewed
CVE-2021-25898 was published May 24, 2022
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),... High Unreviewed
CVE-2021-27392 was published May 24, 2022
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks... High Unreviewed
CVE-2021-0266 was published May 24, 2022
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded... Critical Unreviewed
CVE-2021-0248 was published May 24, 2022
A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion... High Unreviewed
CVE-2021-0245 was published May 24, 2022
Xerox AltaLink B8045/B8055/B8065/B8075/B8090, AltaLink C8030/C8035/C8045/C8055/C8070 with... Critical Unreviewed
CVE-2019-10881 was published May 24, 2022
On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption... High Unreviewed
CVE-2020-14099 was published May 24, 2022
Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6... Critical Unreviewed
CVE-2021-28123 was published May 24, 2022
A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of... Moderate Unreviewed
CVE-2021-26579 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database