GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
171 advisories
Filter by severity
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the...
Moderate
Unreviewed
CVE-2020-27278
was published
May 24, 2022
A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend...
Moderate
Unreviewed
CVE-2021-32459
was published
May 24, 2022
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus...
Moderate
Unreviewed
CVE-2021-34577
was published
Nov 9, 2022
An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO...
Moderate
Unreviewed
CVE-2013-1603
was published
May 5, 2022
Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows...
Moderate
Unreviewed
CVE-2012-4712
was published
May 13, 2022
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)...
Moderate
Unreviewed
CVE-2018-0329
was published
May 13, 2022
An issue was discovered on Victure WR1200 devices through 1.0.3. The default Wi-Fi WPA2 key is...
Moderate
Unreviewed
CVE-2021-43282
was published
Dec 1, 2021
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation...
Moderate
Unreviewed
CVE-2018-12240
was published
May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses hard-coded credentials which could allow an attacker to bypass...
Moderate
Unreviewed
CVE-2018-1650
was published
May 13, 2022
All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server may allow an...
Moderate
Unreviewed
CVE-2018-17919
was published
May 13, 2022
A Use of Hard-Coded Credentials issue was discovered in MRD-305-DIN versions older than 1.7.5.0,...
Moderate
Unreviewed
CVE-2017-12709
was published
May 13, 2022
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a...
Moderate
Unreviewed
CVE-2017-12317
was published
May 13, 2022
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000...
Moderate
Unreviewed
CVE-2017-9649
was published
May 13, 2022
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when...
Moderate
Unreviewed
CVE-2022-41540
was published
Oct 18, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all...
Moderate
Unreviewed
CVE-2017-6039
was published
May 13, 2022
IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerability that could allow a...
Moderate
Unreviewed
CVE-2017-1787
was published
May 13, 2022
Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI...
Moderate
Unreviewed
CVE-2017-14014
was published
May 13, 2022
Baxter SIGMA Spectrum Infusion System version 6.05 (model 35700BAX) with wireless battery module ...
Moderate
Unreviewed
CVE-2014-5431
was published
May 13, 2022
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow...
Moderate
Unreviewed
CVE-2022-38069
was published
Sep 14, 2022
FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses...
Moderate
Unreviewed
CVE-2017-2720
was published
May 13, 2022
Amcrest networked devices use the same hardcoded SSL private key across different customers'...
Moderate
Unreviewed
CVE-2018-16546
was published
May 13, 2022
Lenovo Chassis Management Module (CMM) prior to version 2.0.0 utilizes a hardcoded encryption key...
Moderate
Unreviewed
CVE-2018-9073
was published
May 14, 2022
A Use of Hard-coded Credentials issue was discovered in Smiths Medical Medfusion 4000 Wireless...
Moderate
Unreviewed
CVE-2017-12725
was published
May 14, 2022
Certain NETGEAR devices are affected by a hardcoded password. This affects RBK352 before 4.4.0.10...
Moderate
Unreviewed
CVE-2021-45521
was published
Dec 27, 2021
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be...
Moderate
Unreviewed
CVE-2022-22766
was published
Feb 12, 2022
ProTip!
Advisories are also available from the
GraphQL API