GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
174 advisories
Filter by severity
A vulnerability in the SonicWall SMA100 SSLVPN
firmware 10.2.1.13-72sv and earlier versions...
Moderate
Unreviewed
CVE-2024-45319
was published
Dec 5, 2024
A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive...
Moderate
Unreviewed
CVE-2024-53614
was published
Dec 4, 2024
Duplicate Advisory: Keycloak Build Process Exposes Sensitive Data
Moderate
GHSA-jcgg-mg9g-p9wf
was published
for
org.keycloak:keycloak-quarkus-server
(Maven)
Nov 25, 2024
•
withdrawn
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded...
Moderate
Unreviewed
CVE-2024-40410
was published
Nov 14, 2024
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated...
Moderate
Unreviewed
CVE-2024-11026
was published
Nov 9, 2024
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in...
Moderate
Unreviewed
CVE-2024-5764
was published
Oct 23, 2024
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded...
Moderate
Unreviewed
CVE-2024-4740
was published
Oct 18, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with...
Moderate
Unreviewed
CVE-2024-20280
was published
Oct 16, 2024
VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder
Moderate
CVE-2024-9594
was published
for
github.com/kubernetes-sigs/image-builder
(Go)
Oct 15, 2024
Certain switch models from PLANET Technology have a Hard-coded Credential in the password...
Moderate
Unreviewed
CVE-2024-8449
was published
Sep 30, 2024
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass...
Moderate
Unreviewed
CVE-2024-23958
was published
Sep 28, 2024
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential...
Moderate
Unreviewed
CVE-2024-28990
was published
Sep 12, 2024
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by...
Moderate
Unreviewed
CVE-2024-35118
was published
Aug 29, 2024
A vulnerability classified as critical has been found in Go-Tribe gotribe up to...
Moderate
Unreviewed
CVE-2024-8135
was published
Aug 25, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between...
Moderate
Unreviewed
CVE-2024-45165
was published
Aug 22, 2024
A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-8005
was published
Aug 20, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P...
Moderate
Unreviewed
CVE-2024-31798
was published
Aug 15, 2024
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique...
Moderate
Unreviewed
CVE-2024-33895
was published
Aug 2, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This...
Moderate
Unreviewed
CVE-2024-7170
was published
Jul 29, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA...
Moderate
Unreviewed
CVE-2024-41689
was published
Jul 26, 2024
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an...
Moderate
Unreviewed
CVE-2024-38480
was published
Jul 1, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27160
was published
Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An...
Moderate
Unreviewed
CVE-2024-27161
was published
Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27159
was published
Jun 14, 2024
Apache Submarine Commons Utils has a hard-coded secret
Moderate
CVE-2024-36264
was published
for
apache-submarine
(Maven)
Jun 12, 2024
ProTip!
Advisories are also available from the
GraphQL API