GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
163 advisories
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,...
Moderate
Unreviewed
CVE-2023-37858 was published Aug 9, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763 was published Jul 18, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate
Unreviewed
CVE-2023-28387 was published Jun 30, 2023
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects...
Moderate
Unreviewed
CVE-2023-3237 was published Jun 14, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
Moderate
Unreviewed
CVE-2023-33920 was published Jun 13, 2023
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may...
Moderate
Unreviewed
CVE-2023-27921 was published May 23, 2023
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471....
Moderate
Unreviewed
CVE-2023-0808 was published Feb 13, 2023
PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys...
Moderate
Unreviewed
CVE-2022-34449 was published Feb 11, 2023
Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ...
Moderate
Unreviewed
CVE-2022-34386 was published Feb 11, 2023
Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-21426 was published Feb 9, 2023
Hardcoded credential is found in affected products' message queue. An attacker that manages to...
Moderate
Unreviewed
CVE-2022-3928 was published Jan 6, 2023
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate...
Moderate
Unreviewed
CVE-2022-4611 was published Dec 19, 2022
Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network...
Moderate
Unreviewed
CVE-2022-34840 was published Dec 7, 2022
In the Kaden PICOFLUX AiR water meter an adversary can read the values through wireless M-Bus...
Moderate
Unreviewed
CVE-2021-34577 was published Nov 9, 2022
The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when...
Moderate
Unreviewed
CVE-2022-41540 was published Oct 18, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and...
Moderate
Unreviewed
CVE-2022-20844 was published Oct 1, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem.
Moderate
Unreviewed
CVE-2020-15326 was published Sep 30, 2022
Multiple globally default credentials exist across all CMS8000 devices, that once exposed, allow...
Moderate
Unreviewed
CVE-2022-38069 was published Sep 14, 2022
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022...
Moderate
Unreviewed
CVE-2022-30314 was published Jul 29, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29963 was published Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29962 was published Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29964 was published Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960 was published Jul 27, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES...
Moderate
Unreviewed
CVE-2022-25807 was published Jun 10, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the...
Moderate
Unreviewed
CVE-2021-42892 was published Jun 4, 2022