GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,374

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

180 advisories

Filter by severity

Sort by

Least recently updated

Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 allows local users to decrypt... Moderate Unreviewed

CVE-2021-36234 was published May 24, 2022

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials,... Moderate Unreviewed

CVE-2021-29728 was published May 24, 2022

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed

CVE-2021-27503 was published May 24, 2022

IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2021-20537 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Business Process... Moderate Unreviewed

CVE-2021-1576 was published May 24, 2022

ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in... Moderate Unreviewed

CVE-2021-27481 was published May 24, 2022

An issue was discovered on Enphase Envoy R3.x and D4.x devices. There are hardcoded web-panel... Moderate Unreviewed

CVE-2020-25752 was published May 24, 2022

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a... Moderate Unreviewed

CVE-2021-3565 was published May 24, 2022

A security vulnerability in HPE Unified Data Management (UDM) could allow the local disclosure of... Moderate Unreviewed

CVE-2021-26579 was published May 24, 2022

The MobileIron agents through 2021-03-22 for Android and iOS contain a hardcoded API key, used to... Moderate Unreviewed

CVE-2020-35137 was published May 24, 2022

Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and... Moderate Unreviewed

CVE-2020-12376 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN... Moderate Unreviewed

CVE-2020-27256 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET... Moderate Unreviewed

CVE-2020-28395 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed

CVE-2020-28391 was published May 24, 2022

Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series,... Moderate Unreviewed

CVE-2020-10206 was published May 24, 2022

Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which... Moderate Unreviewed

CVE-2020-29193 was published May 24, 2022

In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local... Moderate Unreviewed

CVE-2020-0019 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... Moderate Unreviewed

CVE-2020-25231 was published May 24, 2022

Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a... Moderate Unreviewed

CVE-2020-5667 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. PKI... Moderate Unreviewed

CVE-2020-25256 was published May 24, 2022

In projectworlds Online Book Store 1.0 Use of Hard-coded Credentials in source code leads to... Moderate Unreviewed

CVE-2020-24115 was published May 24, 2022

The client (aka GalaxyClientService.exe) in GOG GALAXY 2.0.19 allows local privilege escalation... Moderate Unreviewed

CVE-2020-24574 was published May 24, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default... Moderate Unreviewed

CVE-2020-8573 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account... Moderate Unreviewed

CVE-2020-15318 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

180 advisories