GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,120 advisories

Filter by severity

Sort by

Least recently updated

An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed

CVE-2022-26020 was published May 13, 2022

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access... Critical Unreviewed

CVE-2021-38969 was published May 12, 2022

** UNSUPPORTED WHEN ASSIGNED ** QNAP F_VioCard 2312 and F_VioGate 2308 have hardcoded entries in... Critical Unreviewed

CVE-2013-6276 was published May 5, 2022

An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO... Moderate Unreviewed

CVE-2013-1603 was published May 5, 2022

Use of static encryption key material allows forging an authentication token to other users... High Unreviewed

CVE-2022-23724 was published May 5, 2022

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of... Critical Unreviewed

CVE-2009-5154 was published May 2, 2022

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,... Moderate Unreviewed

CVE-2008-2369 was published May 1, 2022

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed

CVE-2008-1160 was published May 1, 2022

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed

CVE-2008-0961 was published May 1, 2022

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with... High Unreviewed

CVE-2007-1063 was published May 1, 2022

The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in... Moderate Unreviewed

CVE-2006-7142 was published May 1, 2022

admin.php in SmartSiteCMS 1.0 allows remote attackers to bypass authentication and gain... High Unreviewed

CVE-2006-7074 was published May 1, 2022

Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP... Moderate Unreviewed

CVE-2005-3803 was published May 1, 2022

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2... Moderate Unreviewed

CVE-2005-3716 was published May 1, 2022

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back... High Unreviewed

CVE-2005-0496 was published May 1, 2022

The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known... High Unreviewed

CVE-2000-1139 was published Apr 30, 2022

A hardcoded cryptographic key in Automation360 22 allows an attacker to decrypt exported RPA... High Unreviewed

CVE-2022-29856 was published Apr 30, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender... Critical Unreviewed

CVE-2021-34601 was published Apr 28, 2022

Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap... High Unreviewed

CVE-2022-23942 was published Apr 27, 2022

ASUS WebStorage has a hardcoded API Token in the APP source code. An unauthenticated remote... High Unreviewed

CVE-2022-26672 was published Apr 23, 2022

A vulnerability in the key-based SSH authentication mechanism of Cisco Umbrella Virtual Appliance... High Unreviewed

CVE-2022-20773 was published Apr 22, 2022

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView... Critical Unreviewed

CVE-2021-40390 was published Apr 15, 2022

An authentication bypass vulnerability exists in the device password generation functionality of... Critical Unreviewed

CVE-2021-40422 was published Apr 15, 2022

Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the... Low Unreviewed

CVE-2020-25168 was published Apr 15, 2022

Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Moderate Unreviewed

CVE-2022-27506 was published Apr 14, 2022

Previous 1 2 … 40 41 42 43 44 45 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,120 advisories