GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
156 advisories
Filter by severity
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded...
Moderate
Unreviewed
CVE-2023-3262
was published
Aug 14, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow...
Moderate
Unreviewed
CVE-2022-44612
was published
Aug 11, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763
was published
Jul 18, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate
Unreviewed
CVE-2023-28387
was published
Jun 30, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
Moderate
Unreviewed
CVE-2023-33920
was published
Jun 13, 2023
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may...
Moderate
Unreviewed
CVE-2023-27921
was published
May 23, 2023
The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default...
Moderate
Unreviewed
CVE-2020-8573
was published
May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account...
Moderate
Unreviewed
CVE-2020-15318
was published
May 24, 2022
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow...
Moderate
Unreviewed
CVE-2018-9195
was published
May 24, 2022
Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager...
Moderate
Unreviewed
CVE-2019-12376
was published
May 24, 2022
VVX products using UCS software version 5.8.0 and earlier with Better Together over Ethernet...
Moderate
Unreviewed
CVE-2019-10688
was published
May 24, 2022
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local...
Moderate
Unreviewed
CVE-2024-3130
was published
Apr 1, 2024
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate
Unreviewed
CVE-2020-11876
was published
May 24, 2022
** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS5Password, with a salt...
Moderate
Unreviewed
CVE-2021-43575
was published
May 24, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29964
was published
Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, ...
Moderate
Unreviewed
CVE-2010-2073
was published
May 17, 2022
Honeywell Experion PKS Safety Manager 5.02 uses Hard-coded Credentials. According to FSCT-2022...
Moderate
Unreviewed
CVE-2022-30314
was published
Jul 29, 2022
The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2...
Moderate
Unreviewed
CVE-2005-3716
was published
May 1, 2022
Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded ("fixed") public and private SNMP...
Moderate
Unreviewed
CVE-2005-3803
was published
May 1, 2022
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users...
Moderate
Unreviewed
CVE-2010-2772
was published
May 17, 2022
manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key,...
Moderate
Unreviewed
CVE-2008-2369
was published
May 1, 2022
The centralized management feature for Utimaco Safeguard stores hard-coded cryptographic keys in...
Moderate
Unreviewed
CVE-2006-7142
was published
May 1, 2022
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability...
Moderate
Unreviewed
CVE-2024-1344
was published
Feb 19, 2024
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password...
Moderate
Unreviewed
CVE-2024-22313
was published
Feb 10, 2024
ProTip!
Advisories are also available from the
GraphQL API