GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
537 advisories
Filter by severity
Chirp Access improperly stores credentials within its source code, potentially exposing...
Critical
Unreviewed
CVE-2024-2197
was published
Mar 20, 2024
A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)...
Critical
Unreviewed
CVE-2024-23816
was published
Feb 13, 2024
An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via...
Critical
Unreviewed
CVE-2023-38995
was published
Feb 7, 2024
D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account...
Critical
Unreviewed
CVE-2024-22853
was published
Feb 6, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded...
Critical
Unreviewed
CVE-2024-21764
was published
Feb 2, 2024
Multiple MachineSense devices have credentials unable to be changed by the user or...
Critical
Unreviewed
CVE-2023-46706
was published
Feb 2, 2024
TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root...
Critical
Unreviewed
CVE-2024-24324
was published
Jan 30, 2024
DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.
Critical
Unreviewed
CVE-2023-51840
was published
Jan 29, 2024
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,...
Critical
Unreviewed
CVE-2024-23619
was published
Jan 26, 2024
An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION...
Critical
Unreviewed
CVE-2023-51200
was published
Jan 23, 2024
Root user password is hardcoded into the device and cannot be changed in the user interface.
Critical
Unreviewed
CVE-2023-49253
was published
Jan 12, 2024
Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard...
Critical
Unreviewed
CVE-2023-48392
was published
Dec 15, 2023
Multisuns EasyLog web+ has a vulnerability of using hard-coded credentials. An remote attacker...
Critical
Unreviewed
CVE-2023-48388
was published
Dec 15, 2023
NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.
Critical
Unreviewed
CVE-2023-40300
was published
Dec 7, 2023
The affected devices use publicly available default credentials with administrative privileges.
Critical
Unreviewed
CVE-2023-39169
was published
Dec 7, 2023
Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated...
Critical
Unreviewed
CVE-2023-6448
was published
Dec 5, 2023
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials...
Critical
Unreviewed
CVE-2023-23324
was published
Nov 29, 2023
First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated...
Critical
Unreviewed
CVE-2023-47213
was published
Nov 16, 2023
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the...
Critical
Unreviewed
CVE-2023-47800
was published
Nov 10, 2023
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is...
Critical
Unreviewed
CVE-2023-5777
was published
Nov 6, 2023
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded...
Critical
Unreviewed
CVE-2023-45499
was published
Oct 27, 2023
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/...
Critical
Unreviewed
CVE-2018-17558
was published
Oct 27, 2023
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
Critical
Unreviewed
CVE-2023-42492
was published
Oct 25, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2022-22466
was published
Oct 23, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2023-33836
was published
Oct 16, 2023
ProTip!
Advisories are also available from the
GraphQL API