Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

426 advisories

Loading
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'... High Unreviewed
CVE-2020-12627 was published May 24, 2022
Azure Stack HCI Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49060 was published Nov 15, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of... High Unreviewed
CVE-2024-7295 was published Nov 13, 2024
An attacker with local access to the medical office computer can access restricted functions of... High Unreviewed
CVE-2024-50593 was published Nov 8, 2024
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to... High Unreviewed
CVE-2023-37608 was published Jan 3, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-31151 was published Oct 30, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-28875 was published Oct 30, 2024
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary... High Unreviewed
CVE-2022-29778 was published Jun 4, 2022
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in ... High Unreviewed
CVE-2024-48192 was published Oct 17, 2024
It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed
CVE-2023-49256 was published Jan 12, 2024
An attacker can access the maintenance console using hard coded credentials for a hidden wireless... High Unreviewed
CVE-2024-38281 was published Jun 13, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local... High Unreviewed
CVE-2024-28812 was published Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1... High Unreviewed
CVE-2024-8450 was published Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command... High Unreviewed
CVE-2024-8448 was published Sep 30, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed
CVE-2023-41612 was published Sep 18, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed
CVE-2024-45698 was published Sep 16, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed
CVE-2024-6656 was published Sep 13, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public... High Unreviewed
CVE-2023-49222 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-49223 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed
CVE-2023-49224 was published Jun 7, 2024
D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2024-37630 was published Jun 13, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local... High Unreviewed
CVE-2023-49221 was published Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database