Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd... Critical Unreviewed
CVE-2022-22144 was published Aug 6, 2022
TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. Critical Unreviewed
CVE-2022-35491 was published Aug 11, 2022
In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is... High Unreviewed
CVE-2021-44720 was published Aug 13, 2022
'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded... High Unreviewed
CVE-2022-35734 was published Aug 17, 2022
Use of Hard-coded Cryptographic Key vulnerability in the WebReportsApi.dll of Exago Web Reports,... Critical Unreviewed
CVE-2022-1400 was published Aug 18, 2022
Use of Hard-coded Credentials in AgileConfig.Client Critical
CVE-2022-35540 was published for AgileConfig.Client (NuGet) Aug 19, 2022
MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion. High Unreviewed
CVE-2022-36171 was published Aug 20, 2022
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of... High Unreviewed
CVE-2022-36170 was published Aug 20, 2022
MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's... High Unreviewed
CVE-2022-30036 was published Aug 22, 2022
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that... High Unreviewed
CVE-2022-31269 was published Aug 26, 2022
Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed
CVE-2022-38556 was published Aug 29, 2022
D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed
CVE-2022-38557 was published Aug 29, 2022
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at ... High Unreviewed
CVE-2022-36610 was published Aug 29, 2022
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a... High Unreviewed
CVE-2022-36616 was published Aug 29, 2022
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root... High Unreviewed
CVE-2022-36612 was published Aug 29, 2022
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36611 was published Aug 29, 2022
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36613 was published Aug 29, 2022
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at... High Unreviewed
CVE-2022-36614 was published Aug 29, 2022
TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root... High Unreviewed
CVE-2022-36615 was published Aug 29, 2022
Seiko SkyBridge MB-A100/A110 v4.2.0 and below implements a hard-coded passcode for the root... Critical Unreviewed
CVE-2022-36558 was published Aug 30, 2022
Seiko SkyBridge MB-A200 v01.00.04 and below was discovered to contain multiple hard-coded... Critical Unreviewed
CVE-2022-36560 was published Aug 30, 2022
Le-yan Personnel and Salary Management System has hard-coded database account and password within... Critical Unreviewed
CVE-2022-38116 was published Aug 31, 2022
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056,... Critical Unreviewed
CVE-2022-30318 was published Sep 1, 2022
Novel-Plus v3.6.2 was discovered to contain a hard-coded JWT key located in the project config... Critical Unreviewed
CVE-2022-36672 was published Sep 2, 2022
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow... High Unreviewed
CVE-2022-37841 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database