GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
433 advisories
Filter by severity
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for...
High
Unreviewed
CVE-2022-36159
was published
Sep 27, 2022
Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges...
High
Unreviewed
CVE-2022-31322
was published
Sep 14, 2022
bilde2910 Hauk v1.6.1 requires a hardcoded password which by default is blank. This hardcoded...
High
Unreviewed
CVE-2022-37857
was published
Sep 9, 2022
In TOTOLINK A860R V4.1.2cu.5182_B20201027 there is a hard coded password for root in /etc/shadow...
High
Unreviewed
CVE-2022-37841
was published
Sep 7, 2022
TOTOLINK A950RG V4.1.2cu.5204_B20210112 was discovered to contain a hardcoded password for root...
High
Unreviewed
CVE-2022-36612
was published
Aug 29, 2022
TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36611
was published
Aug 29, 2022
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36614
was published
Aug 29, 2022
TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a...
High
Unreviewed
CVE-2022-36616
was published
Aug 29, 2022
TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at ...
High
Unreviewed
CVE-2022-36610
was published
Aug 29, 2022
TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a hardcoded password for root at...
High
Unreviewed
CVE-2022-36613
was published
Aug 29, 2022
TOTOLINK A3000RU V4.1.2cu.5185_B20201128 was discovered to contain a hardcoded password for root...
High
Unreviewed
CVE-2022-36615
was published
Aug 29, 2022
Nortek Linear eMerge E3-Series devices through 0.32-09c place admin credentials in /test.txt that...
High
Unreviewed
CVE-2022-31269
was published
Aug 26, 2022
MA Lighting grandMA2 Light has a password of root for the root account. NOTE: The vendor's...
High
Unreviewed
CVE-2022-30036
was published
Aug 22, 2022
MapGIS 10.5 Pro IGServer has hardcoded credentials in the front-end and can lead to escalation of...
High
Unreviewed
CVE-2022-36170
was published
Aug 20, 2022
MapGIS IGServer 10.5.6.11 is vulnerable to Arbitrary file deletion.
High
Unreviewed
CVE-2022-36171
was published
Aug 20, 2022
'Hulu / ????' App for Android from version 3.0.47 to the version prior to 3.1.2 uses a hard-coded...
High
Unreviewed
CVE-2022-35734
was published
Aug 17, 2022
In Ivanti Pulse Secure Pulse Connect Secure (PCS) before 9.1R12, the administrator password is...
High
Unreviewed
CVE-2021-44720
was published
Aug 13, 2022
IBM Security Verify Information Queue 10.0.2 contains hard-coded credentials, such as a password...
High
Unreviewed
CVE-2022-35287
was published
Jul 26, 2022
A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2....
High
Unreviewed
CVE-2022-34906
was published
Jul 26, 2022
A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiDDoS API 5.5.0 through 5.5...
High
Unreviewed
CVE-2022-29060
was published
Jul 20, 2022
This vulnerability affects all of the company's products that also include the FW versions:...
High
Unreviewed
CVE-2022-30627
was published
Jul 19, 2022
Disclosure of information - the system allows you to view usernames and passwords without...
High
Unreviewed
CVE-2022-30622
was published
Jul 18, 2022
Isode SWIFT v4.0.2 was discovered to contain hard-coded credentials in the Registry Editor. This...
High
Unreviewed
CVE-2022-32389
was published
Jul 15, 2022
IBM QRadar Network Security 5.4.0 and 5.5.0 contains hard-coded credentials, such as a password...
High
Unreviewed
CVE-2020-4157
was published
Jul 13, 2022
Use of Hard-coded Credentials in Nacos
High
CVE-2021-43116
was published
for
com.alibaba.nacos:nacos-client
(Maven)
Jul 6, 2022
ProTip!
Advisories are also available from the
GraphQL API