GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
447 advisories
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored...
High, Unreviewed, CVE-2021-25898 was published May 24, 2022

The default administrator account & password of the EDIMAX wireless network camera is hard-coded....
High, Unreviewed, CVE-2021-30165 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 contains hard-coded credentials, such as a password or cryptographic...
High, Unreviewed, CVE-2020-4932 was published May 24, 2022

SonicWall Email Security Virtual Appliance version 10.0.9 and earlier versions contain a default...
High, Unreviewed, CVE-2021-20025 was published May 24, 2022

IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or...
High, Unreviewed, CVE-2021-29691 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High, Unreviewed, CVE-2021-31477 was published May 24, 2022

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),...
High, Unreviewed, CVE-2021-27392 was published May 24, 2022

Use of hard-coded credentials vulnerability in php component in Synology Calendar before 2.4.0...
High, Unreviewed, CVE-2021-34812 was published May 24, 2022

In certain devices of the Phoenix Contact AXL F BK and IL BK product families an undocumented...
High, Unreviewed, CVE-2021-33540 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions the usage of hard-coded cryptographic...
High, Unreviewed, CVE-2021-33529 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable use of hard-coded...
High, Unreviewed, CVE-2021-33531 was published May 24, 2022

This vulnerability allows attackers with physical access to escalate privileges on affected...
High, Unreviewed, CVE-2021-31505 was published May 24, 2022

Use of MAC address as an authenticated password in QSAN Storage Manager, XEVO, SANOS allows local...
High, Unreviewed, CVE-2021-32521 was published May 24, 2022

An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API...
High, Unreviewed, CVE-2021-33220 was published May 24, 2022

Usage of hard-coded cryptographic keys to encrypt configuration files and debug logs in...
High, Unreviewed, CVE-2021-24005 was published May 24, 2022

Retty App for Android versions prior to 4.8.13 and Retty App for iOS versions prior to 4.11.14...
High, Unreviewed, CVE-2021-20748 was published May 24, 2022

Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by...
High, Unreviewed, CVE-2021-0279 was published May 24, 2022

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D...
High, Unreviewed, CVE-2021-21818 was published May 24, 2022

A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter...
High, Unreviewed, CVE-2022-31619 was published Jun 15, 2022

SapphireIMS 5 utilized default sapphire:ims credentials to connect the client to server. This...
High, Unreviewed, CVE-2020-25561 was published May 24, 2022

Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus Nexto, Nexto Xpress, and Hadron...
High, Unreviewed, CVE-2021-39245 was published May 24, 2022

TOTOLINK A720R V4.1.5cu.532_B20210610 was discovered to contain a hardcoded password for root at ...
High, Unreviewed, CVE-2022-36610 was published Aug 29, 2022

An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. An attacker can...
High, Unreviewed, CVE-2021-33484 was published May 24, 2022

TOTOLINK A800R V4.1.2cu.5137_B20200730 was discovered to contain a hardcoded password for root at...
High, Unreviewed, CVE-2022-36611 was published Aug 29, 2022

TOTOLINK A810R V4.1.2cu.5182_B20201026 and V5.9c.4050_B20190424 was discovered to contain a...
High, Unreviewed, CVE-2022-36616 was published Aug 29, 2022