GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,357

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

527 advisories

Filter by severity

Sort by

Least recently updated

HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnerability. This issue allows... Critical Unreviewed

CVE-2021-26611 was published Nov 27, 2021

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The SNMP daemon was... Critical Unreviewed

CVE-2021-43044 was published Dec 7, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded credentials. It is possible to... Critical Unreviewed

CVE-2021-20155 was published Dec 31, 2021

ENC DataVault 7.1.1W uses an inappropriate encryption algorithm, such that an attacker (who does... Critical Unreviewed

CVE-2021-36751 was published Jan 3, 2022

QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736... Critical Unreviewed

CVE-2022-22845 was published Jan 11, 2022

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web... Critical Unreviewed

CVE-2022-22056 was published Jan 15, 2022

Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any... Critical Unreviewed

CVE-2021-23233 was published Jan 22, 2022

MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key... Critical Unreviewed

CVE-2022-22928 was published Jan 22, 2022

Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source... Critical Unreviewed

CVE-2020-36064 was published Feb 1, 2022

The affected product has a hardcoded private key available inside the project folder, which may... Critical Unreviewed

CVE-2022-22987 was published Feb 10, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the... Critical Unreviewed

CVE-2022-22813 was published Feb 11, 2022

Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the... Critical Unreviewed

CVE-2020-36062 was published Feb 12, 2022

Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric... Critical Unreviewed

CVE-2021-27797 was published Feb 22, 2022

Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform... Critical Unreviewed

CVE-2022-25329 was published Feb 25, 2022

Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials... Critical Unreviewed

CVE-2022-25045 was published Mar 3, 2022

The following Yokogawa Electric products hard-code the password for CAMS server applications:... Critical Unreviewed

CVE-2022-23402 was published Mar 12, 2022

The following Yokogawa Electric products do not change the passwords of the internal Windows... Critical Unreviewed

CVE-2022-21194 was published Mar 12, 2022

Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded... Critical Unreviewed

CVE-2021-45877 was published Mar 22, 2022

ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite... Critical Unreviewed

CVE-2022-25577 was published Mar 26, 2022

UNNO v03.11.00 was discovered to contain access control issue. Critical Unreviewed

CVE-2022-25521 was published Mar 30, 2022

Baicells Nova436Q and Neutrino 430 devices with firmware through QRTB 2.7.8 have hardcoded... Critical Unreviewed

CVE-2022-24693 was published Mar 31, 2022

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP... Critical Unreviewed

CVE-2022-1162 was published Apr 5, 2022

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across... Critical Unreviewed

CVE-2022-25569 was published Apr 5, 2022

On Schneider Electric ConneXium Tofino Firewall TCSEFEA23F3F22 before 03.23, TCSEFEA23F3F20/21,... Critical Unreviewed

CVE-2021-30064 was published Apr 5, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,... Critical Unreviewed

CVE-2022-23441 was published Apr 7, 2022

Previous 1 2 3 4 5 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

527 advisories