GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
522 advisories
Filter by severity
The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with...
Critical
Unreviewed
CVE-2023-1748
was published
Apr 4, 2023
Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded...
Critical
Unreviewed
CVE-2023-28654
was published
Mar 28, 2023
Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows...
Critical
Unreviewed
CVE-2022-22512
was published
Mar 23, 2023
A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0...
Critical
Unreviewed
CVE-2023-26511
was published
Mar 14, 2023
The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root...
Critical
Unreviewed
CVE-2023-0345
was published
Mar 13, 2023
Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC...
Critical
Unreviewed
CVE-2023-22344
was published
Mar 6, 2023
ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded...
Critical
Unreviewed
CVE-2023-26462
was published
Feb 23, 2023
Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP...
Critical
Unreviewed
CVE-2022-46637
was published
Feb 21, 2023
Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could...
Critical
Unreviewed
CVE-2022-3089
was published
Feb 13, 2023
Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software...
Critical
Unreviewed
CVE-2022-45766
was published
Feb 10, 2023
Western Digital My Cloud devices before OS5 have a nobody account with a blank password.
Critical
Unreviewed
CVE-2021-36224
was published
Feb 6, 2023
TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which...
Critical
Unreviewed
CVE-2023-24155
was published
Feb 3, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is...
Critical
Unreviewed
CVE-2023-24149
was published
Feb 3, 2023
A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to...
Critical
Unreviewed
CVE-2022-48113
was published
Feb 3, 2023
Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3...
Critical
Unreviewed
CVE-2023-24022
was published
Jan 26, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34442
was published
Jan 18, 2023
EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented...
Critical
Unreviewed
CVE-2022-39185
was published
Jan 12, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34441
was published
Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded...
Critical
Unreviewed
CVE-2022-34440
was published
Jan 11, 2023
In the DES implementation, the affected product versions use a default key for encryption....
Critical
Unreviewed
CVE-2021-40342
was published
Jan 6, 2023
The affected products store both public and private key that are used to sign and protect Custom...
Critical
Unreviewed
CVE-2022-3927
was published
Jan 6, 2023
Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An...
Critical
Unreviewed
CVE-2022-47618
was published
Jan 3, 2023
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected...
Critical
Unreviewed
CVE-2014-125030
was published
Jan 1, 2023
Mutiny 7.2.0-10788 suffers from Hardcoded root password.
Critical
Unreviewed
CVE-2022-37832
was published
Dec 17, 2022
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an...
Critical
Unreviewed
CVE-2022-41653
was published
Dec 14, 2022
ProTip!
Advisories are also available from the
GraphQL API