GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
433 advisories
Filter by severity
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to...
High
Unreviewed
CVE-2019-3908
was published
May 13, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 uses ZODB storage without authentication.
High
Unreviewed
CVE-2020-15327
was published
Sep 30, 2022
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port...
High
Unreviewed
CVE-2019-3906
was published
May 13, 2022
The express install, which is the suggested way to install Puppet Enterprise, gives the user a...
High
Unreviewed
CVE-2019-10694
was published
May 24, 2022
Ingenico Telium 2 POS terminals have hardcoded FTP credentials. This is fixed in Telium 2 SDK v9...
High
Unreviewed
CVE-2018-17771
was published
May 24, 2022
Ingenico Telium 2 POS terminals have hardcoded PPP credentials. This is fixed in Telium 2 SDK v9...
High
Unreviewed
CVE-2018-17767
was published
May 24, 2022
KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOOR_NAME...
High
Unreviewed
CVE-2020-7233
was published
May 24, 2022
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An...
High
Unreviewed
CVE-2022-45425
was published
Dec 27, 2022
The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code...
High
Unreviewed
CVE-2020-13166
was published
May 24, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader...
High
Unreviewed
CVE-2020-7498
was published
May 24, 2022
An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login...
High
Unreviewed
CVE-2020-14070
was published
May 24, 2022
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks...
High
Unreviewed
CVE-2021-0266
was published
May 24, 2022
Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with...
High
Unreviewed
CVE-2020-5351
was published
May 24, 2022
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism....
High
Unreviewed
CVE-2022-36925
was published
Jan 9, 2023
GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for...
High
Unreviewed
CVE-2020-14510
was published
May 24, 2022
Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a...
High
Unreviewed
CVE-2022-38420
was published
Oct 15, 2022
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the...
High
Unreviewed
CVE-2020-11615
was published
May 24, 2022
Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process)...
High
Unreviewed
CVE-2020-16258
was published
May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and...
High
Unreviewed
CVE-2020-29382
was published
May 24, 2022
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware...
High
Unreviewed
CVE-2020-11487
was published
May 24, 2022
In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local...
High
Unreviewed
CVE-2020-0016
was published
May 24, 2022
Unisys Stealth(core) before 4.0.132 stores Passwords in a Recoverable Format.
High
Unreviewed
CVE-2020-24620
was published
May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1...
High
Unreviewed
CVE-2020-29375
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25229
was published
May 24, 2022
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If...
High
Unreviewed
CVE-2020-2499
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API