GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,948
Composer 4,873
Erlang 37
GitHub Actions 36
Go 2,519
Maven 5,959
npm 4,156
NuGet 736
pip 3,956
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 270,233

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

608 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is... Critical Unreviewed

CVE-2022-30422 was published Jun 18, 2022

Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a hard-coded credential which may allow a... Critical Unreviewed

CVE-2022-29525 was published Jun 14, 2022

MEDHOST Connex contains hard-coded credentials that are used for customer database access. An... Critical Unreviewed

CVE-2017-11614 was published May 17, 2022

Backup archives were found to be encrypted with a static password across different installations,... Critical Unreviewed

CVE-2017-11380 was published May 17, 2022

MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr... Critical Unreviewed

CVE-2017-11694 was published May 17, 2022

A vulnerability was found in SICUNET Access Controller 0.32-05z. It has been classified as very... Critical Unreviewed

CVE-2017-20039 was published Jun 12, 2022

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to... Critical Unreviewed

CVE-2022-30234 was published Jun 3, 2022

LinkPlay Sound Bar v1.0 allows attackers to escalate privileges via a hardcoded password for the... Critical Unreviewed

CVE-2022-28605 was published Jun 3, 2022

MEDHOST Document Management System contains hard-coded credentials that are used for customer... Critical Unreviewed

CVE-2017-11693 was published May 17, 2022

MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer... Critical Unreviewed

CVE-2017-11743 was published May 17, 2022

USR IOT 4G LTE Industrial Cellular VPN Router v1.0.36 was discovered to contain hard-coded... Critical Unreviewed

CVE-2022-29730 was published Jun 3, 2022

A vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has... Critical Unreviewed

CVE-2013-10002 was published May 25, 2022

An attacker can gain full access (read/write/delete) to sensitive folders due to hard-coded... Critical Unreviewed

CVE-2021-33016 was published May 27, 2022

SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and... Critical Unreviewed

CVE-2020-13963 was published May 24, 2022

Undocumented Default Cryptographic Key Vulnerability in Cohesity DataPlatform version 6.3 prior 6... Critical Unreviewed

CVE-2021-28123 was published May 24, 2022

Sanitization Management System v1.0 was discovered to contain hardcoded credentials which allows... Critical Unreviewed

CVE-2022-44096 was published Nov 30, 2022

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the ... Critical Unreviewed

CVE-2019-5021 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a... Critical Unreviewed

CVE-2020-4854 was published May 24, 2022

Book Store Management System v1.0 was discovered to contain hardcoded credentials which allows... Critical Unreviewed

CVE-2022-44097 was published Nov 30, 2022

A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the... Critical Unreviewed

CVE-2022-41157 was published Nov 25, 2022

An exploitable unsafe default configuration vulnerability exists in the TURN server function of... Critical Unreviewed

CVE-2018-4059 was published May 13, 2022

An authentication bypass vulnerability exists in the device password generation functionality of... Critical Unreviewed

CVE-2021-40422 was published Apr 15, 2022

An authentication bypass vulnerability exists in the Web Application functionality of Moxa MXView... Critical Unreviewed

CVE-2021-40390 was published Apr 15, 2022

A use of hard-coded cryptographic key vulnerability [CWE-321] in FortiEDR versions 5.0.2, 5.0.1,... Critical Unreviewed

CVE-2022-23441 was published Apr 7, 2022

Bettini Srl GAMS Product Line v4.3.0 was discovered to re-use static SSH keys across... Critical Unreviewed

CVE-2022-25569 was published Apr 5, 2022

Previous 1…2425 Next

Previous 1 2 … 21 22 23 24 25 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

608 advisories