Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

418 advisories

Loading
An attacker can access the maintenance console using hard coded credentials for a hidden wireless... High Unreviewed
CVE-2024-38281 was published Jun 13, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local... High Unreviewed
CVE-2024-28812 was published Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1... High Unreviewed
CVE-2024-8450 was published Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command... High Unreviewed
CVE-2024-8448 was published Sep 30, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed
CVE-2023-41612 was published Sep 18, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed
CVE-2024-45698 was published Sep 16, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed
CVE-2024-6656 was published Sep 13, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed
CVE-2023-49224 was published Jun 7, 2024
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public... High Unreviewed
CVE-2023-49222 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-49223 was published Jun 7, 2024
D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2024-37630 was published Jun 13, 2024
EverShop at risk to unauthorized access via weak HMAC secret High
CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local... High Unreviewed
CVE-2023-49221 was published Jun 7, 2024
TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the... High Unreviewed
CVE-2024-34219 was published May 14, 2024
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed
CVE-2024-41161 was published Aug 8, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the... High Unreviewed
CVE-2019-20471 was published May 24, 2022
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed
CVE-2024-36496 was published Jun 24, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to... High Unreviewed
CVE-2024-32988 was published May 22, 2024
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST... High Unreviewed
CVE-2023-26566 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database