GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
171 advisories
Filter by severity
The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to...
Moderate
Unreviewed
CVE-2020-35137
was published
May 24, 2022
Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and...
Moderate
Unreviewed
CVE-2020-12376
was published
May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN...
Moderate
Unreviewed
CVE-2020-27256
was published
May 24, 2022
A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET...
Moderate
Unreviewed
CVE-2020-28395
was published
May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ...
Moderate
Unreviewed
CVE-2020-28391
was published
May 24, 2022
Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series,...
Moderate
Unreviewed
CVE-2020-10206
was published
May 24, 2022
Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which...
Moderate
Unreviewed
CVE-2020-29193
was published
May 24, 2022
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local...
Moderate
Unreviewed
CVE-2020-0019
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),...
Moderate
Unreviewed
CVE-2020-25231
was published
May 24, 2022
Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a...
Moderate
Unreviewed
CVE-2020-5667
was published
May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. PKI...
Moderate
Unreviewed
CVE-2020-25256
was published
May 24, 2022
In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to...
Moderate
Unreviewed
CVE-2020-24115
was published
May 24, 2022
The client (aka GalaxyClientService.exe) in GOG GALAXY 2.0.19 allows local privilege escalation...
Moderate
Unreviewed
CVE-2020-24574
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2020-10919
was published
May 24, 2022
The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default...
Moderate
Unreviewed
CVE-2020-8573
was published
May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account...
Moderate
Unreviewed
CVE-2020-15318
was published
May 24, 2022
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in...
Moderate
Unreviewed
CVE-2020-9289
was published
May 24, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1...
Moderate
Unreviewed
CVE-2020-7501
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by...
Moderate
Unreviewed
CVE-2020-13414
was published
May 24, 2022
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.42. A bundled script...
Moderate
Unreviewed
CVE-2020-10996
was published
May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate
Unreviewed
CVE-2020-11876
was published
May 24, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2020-4269
was published
May 24, 2022
This vulnerability allows network-adjacent attackers execute arbitrary code on affected...
Moderate
Unreviewed
CVE-2020-10884
was published
May 24, 2022
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the...
Moderate
Unreviewed
CVE-2019-5137
was published
May 24, 2022
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded...
Moderate
Unreviewed
CVE-2020-8657
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API