Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

441 advisories

Loading
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider... High Unreviewed
CVE-2023-28937 was published Jun 1, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials High Unreviewed
CVE-2023-31184 was published May 30, 2023
This vulnerability enables ssh access to minikube container using a default password. High Unreviewed
CVE-2023-1944 was published May 24, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10... High Unreviewed
CVE-2023-27512 was published May 23, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC... High Unreviewed
CVE-2023-26203 was published May 4, 2023
The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte... High Unreviewed
CVE-2022-41399 was published Apr 28, 2023
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded... High Unreviewed
CVE-2022-41398 was published Apr 28, 2023
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote... High Unreviewed
CVE-2022-45291 was published Apr 25, 2023
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---... High Unreviewed
CVE-2022-37255 was published Apr 16, 2023
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials... High Unreviewed
CVE-2023-22429 was published Apr 11, 2023
In Bitnami Containers, all Laravel container versions prior to: 6.20.0-debian-10-r107 for Laravel... High Unreviewed
CVE-2021-21979 was published May 24, 2022
A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829... High Unreviewed
CVE-2020-3234 was published May 24, 2022
Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2019-3983 was published May 24, 2022
Brocade SANnav versions before v2.0 use a hard-coded password, which could allow local... High Unreviewed
CVE-2019-16207 was published May 24, 2022
The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a... High Unreviewed
CVE-2018-18929 was published May 24, 2022
CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default... High Unreviewed
CVE-2019-13657 was published May 24, 2022
ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML... High Unreviewed
CVE-2019-16313 was published May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN... High Unreviewed
CVE-2019-13530 was published May 24, 2022
The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the... High Unreviewed
CVE-2019-15867 was published May 24, 2022
The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the... High Unreviewed
CVE-2019-15745 was published May 24, 2022
The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for... High Unreviewed
CVE-2016-10928 was published May 24, 2022
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR... High Unreviewed
CVE-2019-9229 was published May 24, 2022
A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could... High Unreviewed
CVE-2019-1919 was published May 24, 2022
Optergy Proton/Enterprise devices have Hard-coded Credentials. High Unreviewed
CVE-2019-7279 was published May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... High Unreviewed
CVE-2019-11947 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database