GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,009
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,065
Maven 5,241
npm 3,744
NuGet 668
pip 3,427
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,198

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

552 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered on FiberHome HG6245D devices through RP2613. Credentials in /fhconf... Critical Unreviewed

CVE-2021-27141 was published May 24, 2022

The affected product allows attackers to obtain sensitive information from the WISE-PaaS... Critical Unreviewed

CVE-2021-27437 was published May 24, 2022

BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the use of hard-coded... Critical Unreviewed

CVE-2021-22667 was published May 24, 2022

The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded encryption key,... Critical Unreviewed

CVE-2020-35138 was published May 24, 2022

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded... Critical Unreviewed

CVE-2021-0248 was published May 24, 2022

Inim Electronics Smartliving SmartLAN/G/SI <=6.x uses default hardcoded credentials. An attacker... Critical Unreviewed

CVE-2020-21995 was published May 24, 2022

IBM Security Guardium 11.2 contains hard-coded credentials, such as a password or cryptographic... Critical Unreviewed

CVE-2021-20426 was published May 24, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to Hardcoded Credentials. Bender... Critical Unreviewed

CVE-2021-34601 was published Apr 28, 2022

UNNO v03.11.00 was discovered to contain access control issue. Critical Unreviewed

CVE-2022-25521 was published Mar 30, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard... Critical Unreviewed

CVE-2021-33219 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard... Critical Unreviewed

CVE-2021-33218 was published May 24, 2022

Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin... Critical Unreviewed

CVE-2021-35961 was published May 24, 2022

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK... Critical Unreviewed

CVE-2021-21820 was published May 24, 2022

Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a... Critical Unreviewed

CVE-2020-5349 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /... Critical Unreviewed

CVE-2021-22707 was published May 24, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 /... Critical Unreviewed

CVE-2021-22730 was published May 24, 2022

Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser... Critical Unreviewed

CVE-2021-31579 was published May 24, 2022

Totolink A3600R_Firmware V4.1.2cu.5182_B20201102 contains a hard code password for root in /etc... Critical Unreviewed

CVE-2022-34993 was published Aug 5, 2022

Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a... Critical Unreviewed

CVE-2021-27952 was published May 24, 2022

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus... Critical Unreviewed

CVE-2021-37163 was published May 24, 2022

KubePi allows malicious actor to login with a forged JWT token via Hardcoded Jwtsigkeys Critical

CVE-2023-22463 was published for github.com/KubeOperator/kubepi (Go) Jan 6, 2023

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below,... Critical Unreviewed

CVE-2021-32588 was published May 24, 2022

D-Link DIR845L v1.00-v1.03 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed

CVE-2022-38557 was published Aug 29, 2022

Trendnet TEW733GR v1.03B01 contains a Static Default Credential vulnerability in /etc/init0.d... Critical Unreviewed

CVE-2022-38556 was published Aug 29, 2022

D-Link DVX-2000MS contains hard-coded credentials for undocumented user accounts in the '/etc... Critical Unreviewed

CVE-2021-39614 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

552 advisories