Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,204 advisories

Loading
A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2.... High Unreviewed
CVE-2022-34906 was published Jul 26, 2022
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd... Critical Unreviewed
CVE-2022-22144 was published Aug 6, 2022
Dentsply Sirona (formerly Schick) CDR Dicom 5 and earlier has default passwords for the sa and... Critical Unreviewed
CVE-2016-6530 was published May 17, 2022
A design flaw in the Trane ComfortLink II SCC firmware version 2.0.2 service allows remote... Critical Unreviewed
CVE-2015-2867 was published May 17, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed
CVE-2022-20844 was published Oct 1, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,... Critical Unreviewed
CVE-2022-22522 was published Sep 29, 2022
Wavlink WN530HG4 M30HG4.V5030.191116 was discovered to contain a hardcoded encryption/decryption... Critical Unreviewed
CVE-2022-34045 was published Jul 21, 2022
Le-yan Personnel and Salary Management System has hard-coded database account and password within... Critical Unreviewed
CVE-2022-38116 was published Aug 31, 2022
Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Critical Unreviewed
CVE-2021-22644 was published Jul 29, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2020-10919 was published May 24, 2022
An issue was discovered in Schneider Electric PowerLogic PM8ECC device 2.651 and older.... Critical Unreviewed
CVE-2016-5818 was published May 17, 2022
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8... Critical Unreviewed
CVE-2016-10115 was published May 17, 2022
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34440 was published Jan 11, 2023
IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password... High Unreviewed
CVE-2022-35287 was published Jul 26, 2022
Goldshell ASIC Miners v2.1.x was discovered to contain hardcoded credentials which allow... Critical Unreviewed
CVE-2022-24657 was published Jul 21, 2022
Disclosure of information - the system allows you to view usernames and passwords without... High Unreviewed
CVE-2022-30622 was published Jul 18, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29962 was published Jul 27, 2022
D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded SSL private key, which... High Unreviewed
CVE-2016-10125 was published May 17, 2022
An issue was discovered in Siemens SICAM PAS before 8.00. A factory account with hard-coded... Critical Unreviewed
CVE-2016-8567 was published May 17, 2022
Foscam networked devices use the same hardcoded SSL private key across different customers'... High Unreviewed
CVE-2017-7648 was published May 17, 2022
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine... Critical Unreviewed
CVE-2022-32965 was published Aug 5, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5... High Unreviewed
CVE-2022-29060 was published Jul 20, 2022
The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a... Critical Unreviewed
CVE-2022-26138 was published Jul 21, 2022
Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This... High Unreviewed
CVE-2022-32389 was published Jul 15, 2022
Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account,... Critical Unreviewed
CVE-2016-10308 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database