GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
430 advisories
Filter by severity
An attacker with local network access can obtain a fixed cryptography key which may allow for...
High
Unreviewed
CVE-2020-25173
was published
May 24, 2022
Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial...
High
Unreviewed
CVE-2020-26509
was published
May 24, 2022
A vulnerability in Cisco Smart Software Manager Satellite could allow an authenticated, local...
High
Unreviewed
CVE-2021-1219
was published
May 24, 2022
An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. A...
High
Unreviewed
CVE-2020-29383
was published
May 24, 2022
IBM Security Verify Bridge contains hard-coded credentials, such as a password or cryptographic...
High
Unreviewed
CVE-2021-20442
was published
May 24, 2022
SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and...
High
Unreviewed
CVE-2021-25275
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done...
High
Unreviewed
CVE-2021-27142
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a...
High
Unreviewed
CVE-2021-20412
was published
May 24, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The...
High
Unreviewed
CVE-2020-35567
was published
May 24, 2022
An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by...
High
Unreviewed
CVE-2020-25620
was published
May 24, 2022
Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials"...
High
Unreviewed
CVE-2020-9306
was published
May 24, 2022
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing...
High
Unreviewed
CVE-2020-7846
was published
May 24, 2022
An issue was discovered in Scytl sVote 2.1. Due to the implementation of the database manager, an...
High
Unreviewed
CVE-2019-25021
was published
May 24, 2022
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: ...
High
Unreviewed
CVE-2022-37710
was published
Nov 7, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected...
High
Unreviewed
CVE-2021-27254
was published
May 24, 2022
An issue was discovered on Athom Homey and Homey Pro devices before 5.0.0. ZigBee hub devices...
High
Unreviewed
CVE-2020-28952
was published
May 24, 2022
A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion...
High
Unreviewed
CVE-2021-0245
was published
May 24, 2022
'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded...
High
Unreviewed
CVE-2022-35734
was published
Aug 17, 2022
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow...
High
Unreviewed
CVE-2022-37841
was published
Sep 7, 2022
IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic...
High
Unreviewed
CVE-2021-20401
was published
May 24, 2022
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8...
High
Unreviewed
CVE-2020-28999
was published
May 24, 2022
On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption...
High
Unreviewed
CVE-2020-14099
was published
May 24, 2022
SITEL CAP/PRX firmware version 5.2.01 makes use of a hardcoded password. An attacker with access...
High
Unreviewed
CVE-2021-32454
was published
May 24, 2022
Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code...
High
Unreviewed
CVE-2021-28111
was published
May 24, 2022
A flaw was found in the ceph-ansible playbook where it contained hardcoded passwords that were...
High
Unreviewed
CVE-2020-1716
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API