GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,179 advisories
Filter by severity
RunAsSpc 4.0 uses a universal and recoverable encryption key. In possession of a file encrypted...
High
Unreviewed
CVE-2022-26660
was published
Mar 17, 2022
Hard coded credentials in FreeTAKServer
High
CVE-2022-25510
was published
for
FreeTAKServer
(pip)
Mar 12, 2022
The following Yokogawa Electric products do not change the passwords of the internal Windows...
Critical
Unreviewed
CVE-2022-21194
was published
Mar 12, 2022
The following Yokogawa Electric products hard-code the password for CAMS server applications:...
Critical
Unreviewed
CVE-2022-23402
was published
Mar 12, 2022
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an...
High
Unreviewed
CVE-2022-25213
was published
Mar 11, 2022
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on...
High
Unreviewed
CVE-2022-25217
was published
Mar 11, 2022
Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to...
High
Unreviewed
CVE-2022-24255
was published
Mar 3, 2022
Home Owners Collection Management System v1.0 was discovered to contain hardcoded credentials...
Critical
Unreviewed
CVE-2022-25045
was published
Mar 3, 2022
Trend Micro ServerProtect 6.0/5.8 Information Server uses a static credential to perform...
Critical
Unreviewed
CVE-2022-25329
was published
Feb 25, 2022
Use of Hard-coded Cryptographic Key in Netmaker
High
CVE-2022-23650
was published
for
github.com/gravitl/netmaker
(Go)
Feb 22, 2022
Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all versions of Brocade Fabric...
Critical
Unreviewed
CVE-2021-27797
was published
Feb 22, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data...
High
Unreviewed
CVE-2021-46247
was published
Feb 18, 2022
BD Viper LT system, versions 2.0 and later, contains hardcoded credentials. If exploited, threat...
High
Unreviewed
CVE-2022-22765
was published
Feb 15, 2022
Dairy Farm Shop Management System v1.0 was discovered to contain hardcoded credentials in the...
Critical
Unreviewed
CVE-2020-36062
was published
Feb 12, 2022
Hardcoded credentials are used in specific BD Pyxis products. If exploited, threat actors may be...
Moderate
Unreviewed
CVE-2022-22766
was published
Feb 12, 2022
Incorrect handling of credential expiry by /nats-io/nats-server
Critical
CVE-2020-26892
was published
for
github.com/nats-io/jwt
(Go)
Feb 11, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could result in information...
High
Unreviewed
CVE-2022-22722
was published
Feb 11, 2022
A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the...
Critical
Unreviewed
CVE-2022-22813
was published
Feb 11, 2022
The affected product has a hardcoded private key available inside the project folder, which may...
Critical
Unreviewed
CVE-2022-22987
was published
Feb 10, 2022
A vulnerability has been identified in SICAM TOOLBOX II (All versions). Affected applications use...
Moderate
Unreviewed
CVE-2021-45106
was published
Feb 10, 2022
A Use of Hardcoded Credentials vulnerability exists in AquaView versions 1.60, 7.x, and 8.x that...
High
Unreviewed
CVE-2021-42833
was published
Feb 8, 2022
Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source...
Critical
Unreviewed
CVE-2020-36064
was published
Feb 1, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to...
High
Unreviewed
CVE-2021-42635
was published
Feb 1, 2022
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W...
Moderate
Unreviewed
CVE-2022-21199
was published
Jan 29, 2022
MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key...
Critical
Unreviewed
CVE-2022-22928
was published
Jan 22, 2022
ProTip!
Advisories are also available from the
GraphQL API