GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,120 advisories
Filter by severity
Use of Hard-coded Cryptographic Key in Netmaker
High
CVE-2022-23650
was published
for
github.com/gravitl/netmaker
(Go)
Feb 22, 2022
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric...
Critical
Unreviewed
CVE-2021-27797
was published
Feb 22, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data...
High
Unreviewed
CVE-2021-46247
was published
Feb 18, 2022
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat...
High
Unreviewed
CVE-2022-22765
was published
Feb 15, 2022
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the...
Critical
Unreviewed
CVE-2020-36062
was published
Feb 12, 2022
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be...
Moderate
Unreviewed
CVE-2022-22766
was published
Feb 12, 2022
Incorrect handling of credential expiry by /nats-io/nats-server
Critical
CVE-2020-26892
was published
for
github.com/nats-io/jwt
(Go)
Feb 11, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information...
High
Unreviewed
CVE-2022-22722
was published
Feb 11, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the...
Critical
Unreviewed
CVE-2022-22813
was published
Feb 11, 2022
The affected product has a hardcoded private key available inside the project folder, which may...
Critical
Unreviewed
CVE-2022-22987
was published
Feb 10, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use...
Moderate
Unreviewed
CVE-2021-45106
was published
Feb 10, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that...
High
Unreviewed
CVE-2021-42833
was published
Feb 8, 2022
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source...
Critical
Unreviewed
CVE-2020-36064
was published
Feb 1, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to...
High
Unreviewed
CVE-2021-42635
was published
Feb 1, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate
Unreviewed
CVE-2022-21199
was published
Jan 29, 2022
MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key...
Critical
Unreviewed
CVE-2022-22928
was published
Jan 22, 2022
Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can be accessed without any...
Critical
Unreviewed
CVE-2021-23233
was published
Jan 22, 2022
Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains service credentials likely...
High
Unreviewed
CVE-2021-44464
was published
Jan 22, 2022
Communication to the AMC2 uses a state-of-the-art cryptographic algorithm for symmetric...
High
Unreviewed
CVE-2021-23842
was published
Jan 20, 2022
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service...
Low
Unreviewed
CVE-2022-0131
was published
Jan 18, 2022
The Le-yan dental management system contains a hard-coded credentials vulnerability in the web...
Critical
Unreviewed
CVE-2022-22056
was published
Jan 15, 2022
Lack of administrator control over security vulnerability in MELSEC-F series FX3U-ENET Firmware...
High
Unreviewed
CVE-2021-20612
was published
Jan 15, 2022
A vulnerability has been identified in CP-8000 MASTER MODULE WITH I/O -25/+70°C (All versions <...
High
Unreviewed
CVE-2021-45033
was published
Jan 12, 2022
The Realm Server component of TIBCO Software Inc.'s TIBCO FTL - Community Edition, TIBCO FTL -...
High
Unreviewed
CVE-2021-43052
was published
Jan 12, 2022
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736...
Critical
Unreviewed
CVE-2022-22845
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API