GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,230
Composer 4,347
Erlang 31
GitHub Actions 22
Go 2,117
Maven 5,289
npm 3,768
NuGet 680
pip 3,457
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,668

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

177 advisories

Filter by severity

Sort by

Least recently updated

Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed

CVE-2021-1576 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2021-20537 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed

CVE-2021-27503 was published May 24, 2022

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials,... Moderate Unreviewed

CVE-2021-29728 was published May 24, 2022

Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt... Moderate Unreviewed

CVE-2021-36234 was published May 24, 2022

Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an... Moderate Unreviewed

CVE-2021-34571 was published May 24, 2022

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an... Moderate Unreviewed

CVE-2021-34757 was published May 24, 2022

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an... Moderate Unreviewed

CVE-2021-34744 was published May 24, 2022

A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed

CVE-2021-41320 was published May 24, 2022

** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt... Moderate Unreviewed

CVE-2021-43575 was published May 24, 2022

IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded encryption key that could... Moderate Unreviewed

CVE-2019-4220 was published May 24, 2022

A CWE-798: Use of Hardcoded Credentials vulnerability exists in Modicon Controllers (All versions... Moderate Unreviewed

CVE-2019-6859 was published May 24, 2022

A hard-coded password vulnerability exists in the SFTP Log Collection Server function of Trend... Moderate Unreviewed

CVE-2021-32459 was published May 24, 2022

In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the... Moderate Unreviewed

CVE-2020-27278 was published May 24, 2022

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the... Moderate Unreviewed

CVE-2021-42892 was published Jun 4, 2022

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES... Moderate Unreviewed

CVE-2022-25807 was published Jun 10, 2022

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed

CVE-2022-29960 was published Jul 27, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29963 was published Jul 27, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29964 was published Jul 27, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29962 was published Jul 27, 2022

Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022... Moderate Unreviewed

CVE-2022-30314 was published Jul 29, 2022

Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow... Moderate Unreviewed

CVE-2022-38069 was published Sep 14, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. Moderate Unreviewed

CVE-2020-15326 was published Sep 30, 2022

A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed

CVE-2022-20844 was published Oct 1, 2022

The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when... Moderate Unreviewed

CVE-2022-41540 was published Oct 18, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

177 advisories