GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,159 advisories
Filter by severity
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The binary file /usr/local/sbin/webproject...
Critical
Unreviewed
CVE-2022-31210
was published
Jul 18, 2022
IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password...
High
Unreviewed
CVE-2020-4157
was published
Jul 13, 2022
Lens Peek-a-View has a password of 2601hx for the backdoor admin account, a password of user for...
Critical
Unreviewed
CVE-2015-2885
was published
May 17, 2022
An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0....
Critical
Unreviewed
CVE-2017-6403
was published
May 17, 2022
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account,...
Critical
Unreviewed
CVE-2016-10308
was published
May 17, 2022
Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This...
High
Unreviewed
CVE-2022-32389
was published
Jul 15, 2022
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a...
Critical
Unreviewed
CVE-2022-26138
was published
Jul 21, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5...
High
Unreviewed
CVE-2022-29060
was published
Jul 20, 2022
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine...
Critical
Unreviewed
CVE-2022-32965
was published
Aug 5, 2022
Foscam networked devices use the same hardcoded SSL private key across different customers'...
High
Unreviewed
CVE-2017-7648
was published
May 17, 2022
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded...
Critical
Unreviewed
CVE-2016-8567
was published
May 17, 2022
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which...
High
Unreviewed
CVE-2016-10125
was published
May 17, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29962
was published
Jul 27, 2022
Disclosure of information - the system allows you to view usernames and passwords without...
High
Unreviewed
CVE-2022-30622
was published
Jul 18, 2022
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow...
Critical
Unreviewed
CVE-2022-24657
was published
Jul 21, 2022
IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password...
High
Unreviewed
CVE-2022-35287
was published
Jul 26, 2022
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34440
was published
Jan 11, 2023
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8...
Critical
Unreviewed
CVE-2016-10115
was published
May 17, 2022
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older....
Critical
Unreviewed
CVE-2016-5818
was published
May 17, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2020-10919
was published
May 24, 2022
Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key.
Critical
Unreviewed
CVE-2021-22644
was published
Jul 29, 2022
Le-yan Personnel and Salary Management System has hard-coded database account and password within...
Critical
Unreviewed
CVE-2022-38116
was published
Aug 31, 2022
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption...
Critical
Unreviewed
CVE-2022-34045
was published
Jul 21, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,...
Critical
Unreviewed
CVE-2022-22522
was published
Sep 29, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and...
Moderate
Unreviewed
CVE-2022-20844
was published
Oct 1, 2022
ProTip!
Advisories are also available from the
GraphQL API