GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
171 advisories
Filter by severity
** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt...
Moderate
Unreviewed
CVE-2021-43575
was published
May 24, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29964
was published
Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, ...
Moderate
Unreviewed
CVE-2010-2073
was published
May 17, 2022
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2...
Moderate
Unreviewed
CVE-2005-3716
was published
May 1, 2022
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP...
Moderate
Unreviewed
CVE-2005-3803
was published
May 1, 2022
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022...
Moderate
Unreviewed
CVE-2022-30314
was published
Jul 29, 2022
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,...
Moderate
Unreviewed
CVE-2008-2369
was published
May 1, 2022
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users...
Moderate
Unreviewed
CVE-2010-2772
was published
May 17, 2022
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in...
Moderate
Unreviewed
CVE-2006-7142
was published
May 1, 2022
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability...
Moderate
Unreviewed
CVE-2024-1344
was published
Feb 19, 2024
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password...
Moderate
Unreviewed
CVE-2024-22313
was published
Feb 10, 2024
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a...
Moderate
Unreviewed
CVE-2024-23453
was published
Jan 24, 2024
Use of encryption key derived from static information in Synaptics Fingerprint Driver allows
an...
Moderate
Unreviewed
CVE-2023-6482
was published
Jan 27, 2024
Flient Smart Door Lock v1.0 is vulnerable to Use of Default Credentials. Due to default...
Moderate
Unreviewed
CVE-2023-50124
was published
Jan 11, 2024
Hard-coded credentials in org.folio:mod-remote-storage
Moderate
CVE-2024-23685
was published
for
org.folio:mod-remote-storage
(Maven)
Jan 19, 2024
Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka...
Moderate
Unreviewed
CVE-2023-46919
was published
Dec 27, 2023
Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android...
Moderate
Unreviewed
CVE-2023-46918
was published
Dec 28, 2023
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses...
Moderate
Unreviewed
CVE-2023-49228
was published
Dec 28, 2023
The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded...
Moderate
Unreviewed
CVE-2023-28897
was published
Jan 12, 2024
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2023-50948
was published
Jan 8, 2024
In Pexip VMR self-service portal before 3, the same SSH host key is used across different...
Moderate
Unreviewed
CVE-2023-40236
was published
Dec 25, 2023
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an...
Moderate
Unreviewed
CVE-2023-46711
was published
Dec 26, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or...
Moderate
Unreviewed
CVE-2023-47704
was published
Dec 20, 2023
SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard...
Moderate
Unreviewed
CVE-2023-48374
was published
Dec 15, 2023
ProTip!
Advisories are also available from the
GraphQL API