Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials,... Moderate Unreviewed
CVE-2021-29728 was published May 24, 2022
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471.... Moderate Unreviewed
CVE-2023-0808 was published Feb 13, 2023
Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a... Moderate Unreviewed
CVE-2019-10990 was published May 24, 2022
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows... Moderate Unreviewed
CVE-2023-21426 was published Feb 9, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys... Moderate Unreviewed
CVE-2022-34449 was published Feb 11, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... Moderate Unreviewed
CVE-2022-34386 was published Feb 11, 2023
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to... Moderate Unreviewed
CVE-2020-35137 was published May 24, 2022
The ABB HMI components implement hidden administrative accounts that are used during the... Moderate Unreviewed
CVE-2019-7225 was published May 24, 2022
A weak default password for the serial port was reported in some Lenovo Personal Cloud Storage... Moderate Unreviewed
CVE-2021-42849 was published May 19, 2022
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials,... Moderate Unreviewed
CVE-2021-35232 was published Dec 28, 2021
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects... Moderate Unreviewed
CVE-2023-3237 was published Jun 14, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed
CVE-2023-41030 was published Sep 18, 2023
Microweber uses hard coded credentials Moderate
CVE-2023-5318 was published for microweber/microweber (Composer) Sep 30, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... Moderate Unreviewed
CVE-2023-37858 was published Aug 9, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7... Moderate Unreviewed
CVE-2023-33304 was published Nov 14, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 -... Moderate Unreviewed
CVE-2023-40719 was published Nov 14, 2023
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could... Moderate Unreviewed
CVE-2023-29064 was published Nov 28, 2023
SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard... Moderate Unreviewed
CVE-2023-48374 was published Dec 15, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or... Moderate Unreviewed
CVE-2023-47704 was published Dec 20, 2023
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an... Moderate Unreviewed
CVE-2023-46711 was published Dec 26, 2023
In Pexip VMR self-service portal before 3, the same SSH host key is used across different... Moderate Unreviewed
CVE-2023-40236 was published Dec 25, 2023
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2023-50948 was published Jan 8, 2024
The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded... Moderate Unreviewed
CVE-2023-28897 was published Jan 12, 2024
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses... Moderate Unreviewed
CVE-2023-49228 was published Dec 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database