Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

409 advisories

Loading
ROZCOM client CWE-798: Use of Hard-coded Credentials High Unreviewed
CVE-2023-31184 was published May 30, 2023
This vulnerability enables ssh access to minikube container using a default password. High Unreviewed
CVE-2023-1944 was published May 24, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10... High Unreviewed
CVE-2023-27512 was published May 23, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC... High Unreviewed
CVE-2023-26203 was published May 4, 2023
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded... High Unreviewed
CVE-2022-41398 was published Apr 28, 2023
The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte... High Unreviewed
CVE-2022-41399 was published Apr 28, 2023
PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote... High Unreviewed
CVE-2022-45291 was published Apr 25, 2023
TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---... High Unreviewed
CVE-2022-37255 was published Apr 16, 2023
Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials... High Unreviewed
CVE-2023-22429 was published Apr 11, 2023
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed
CVE-2023-0391 was published Mar 21, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet... High Unreviewed
CVE-2023-24147 was published Feb 3, 2023
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application... High Unreviewed
CVE-2023-23132 was published Feb 1, 2023
A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege... High Unreviewed
CVE-2022-42973 was published Feb 1, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed
CVE-2023-20038 was published Jan 20, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism.... High Unreviewed
CVE-2022-36925 was published Jan 9, 2023
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX... High Unreviewed
CVE-2022-4780 was published Dec 29, 2022
Some Dahua software products have a vulnerability of using of hard-coded cryptographic key. An... High Unreviewed
CVE-2022-45425 was published Dec 27, 2022
Nokia Fastmile 3tg00118abad52 devices shipped by Optus are shipped with a default hardcoded admin... High Unreviewed
CVE-2022-36222 was published Dec 21, 2022
Common encryption key appears to be used across all deployed instances of Serv-U FTP Server.... High Unreviewed
CVE-2021-35252 was published Dec 20, 2022
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed
CVE-2022-2660 was published Dec 14, 2022
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... High Unreviewed
CVE-2022-46411 was published Dec 4, 2022
Use of Hard-coded Password vulnerability in Mitsubishi Electric Corporation GX Works3 versions 1... High Unreviewed
CVE-2022-29831 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29828 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29827 was published Nov 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database