GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,480

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,264 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This... High Unreviewed

CVE-2022-32389 was published Jul 15, 2022

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a... Critical Unreviewed

CVE-2022-26138 was published Jul 21, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5... High Unreviewed

CVE-2022-29060 was published Jul 20, 2022

OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine... Critical Unreviewed

CVE-2022-32965 was published Aug 5, 2022

Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed

CVE-2017-7648 was published May 17, 2022

An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded... Critical Unreviewed

CVE-2016-8567 was published May 17, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29962 was published Jul 27, 2022

Disclosure of information - the system allows you to view usernames and passwords without... High Unreviewed

CVE-2022-30622 was published Jul 18, 2022

Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow... Critical Unreviewed

CVE-2022-24657 was published Jul 21, 2022

IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password... High Unreviewed

CVE-2022-35287 was published Jul 26, 2022

An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older.... Critical Unreviewed

CVE-2016-5818 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

Le-yan Personnel and Salary Management System has hard-coded database account and password within... Critical Unreviewed

CVE-2022-38116 was published Aug 31, 2022

Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption... Critical Unreviewed

CVE-2022-34045 was published Jul 21, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,... Critical Unreviewed

CVE-2022-22522 was published Sep 29, 2022

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed

CVE-2022-20844 was published Oct 1, 2022

Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and... Critical Unreviewed

CVE-2016-6530 was published May 17, 2022

A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd... Critical Unreviewed

CVE-2022-22144 was published Aug 6, 2022

A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2.... High Unreviewed

CVE-2022-34906 was published Jul 26, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29963 was published Jul 27, 2022

The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with... Critical Unreviewed

CVE-2022-30274 was published Jul 27, 2022

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface... Critical Unreviewed

CVE-2022-30270 was published Jul 27, 2022

In Veritas NetBackup OpsCenter, a hard-coded credential exists that could be used to exploit the... Critical Unreviewed

CVE-2022-36952 was published Jul 28, 2022

The rsyncd server in Fortinet FortiWLC 6.1-2-29 and earlier, 7.0-9-1, 7.0-10-0, 8.0-5-0, 8.1-2-0,... Critical Unreviewed

CVE-2016-7560 was published May 17, 2022

AVer Information EH6108H+ devices with firmware X9.03.24.00.07l have hardcoded accounts, which... Critical Unreviewed

CVE-2016-6535 was published May 17, 2022

Previous 1 2 3 4 5 6 7 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,264 advisories