Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

161 advisories

Loading
Hard-Coded Key Used For Remember-me Token in Opencast Moderate
CVE-2020-5222 was published for org.opencastproject:opencast-kernel (Maven) Jan 30, 2020
LukasKalbertodt
An information disclosure vulnerability exists due to the hardcoded TLS key of reolink RLC-410W... Moderate Unreviewed
CVE-2022-21199 was published Jan 29, 2022
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS... Moderate Unreviewed
CVE-2020-25193 was published Mar 19, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a... Moderate Unreviewed
CVE-2020-25180 was published Mar 19, 2022
GE UR bootloader binary Version 7.00, 7.01 and 7.02 included unused hardcoded credentials.... Moderate Unreviewed
CVE-2021-27430 was published Mar 24, 2022
Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user... Moderate Unreviewed
CVE-2022-22560 was published Apr 13, 2022
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI Moderate Unreviewed
CVE-2022-27506 was published Apr 14, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2020-4269 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. PKI... Moderate Unreviewed
CVE-2020-25256 was published May 24, 2022
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the... Moderate Unreviewed
CVE-2021-42892 was published Jun 4, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed
CVE-2021-1576 was published May 24, 2022
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES... Moderate Unreviewed
CVE-2022-25807 was published Jun 10, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29962 was published Jul 27, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2020-10919 was published May 24, 2022
A vulnerability in authentication mechanism of Cisco Software-Defined Application Visibility and... Moderate Unreviewed
CVE-2022-20844 was published Oct 1, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29963 was published Jul 27, 2022
Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in... Moderate Unreviewed
CVE-2020-9289 was published May 24, 2022
Hardcoded credential is found in affected products' message queue. An attacker that manages to... Moderate Unreviewed
CVE-2022-3928 was published Jan 6, 2023
Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network... Moderate Unreviewed
CVE-2022-34840 was published Dec 7, 2022
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate... Moderate Unreviewed
CVE-2022-4611 was published Dec 19, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded certificate for Ejabberd in ejabberd.pem. Moderate Unreviewed
CVE-2020-15326 was published Sep 30, 2022
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded... Moderate Unreviewed
CVE-2020-8657 was published May 24, 2022
In IXP EasyInstall 6.2.13723, there are cleartext credentials in network communication on TCP... Moderate Unreviewed
CVE-2019-19898 was published May 24, 2022
The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the... Moderate Unreviewed
CVE-2019-5137 was published May 24, 2022
An issue was discovered in Percona XtraDB Cluster before 5.7.28-31.42. A bundled script... Moderate Unreviewed
CVE-2020-10996 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database