GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,099 advisories
An attacker can access the maintenance console using hard coded credentials for a hidden wireless...
High, Unreviewed. CVE-2024-38281 was published Jun 13, 2024

The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user...
Critical, Unreviewed. CVE-2024-43423 was published Sep 25, 2024

An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local...
High, Unreviewed. CVE-2024-28812 was published Sep 30, 2024

Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if...
Critical, Unreviewed. CVE-2024-45861 was published Sep 19, 2024

Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1...
High, Unreviewed. CVE-2024-8450 was published Sep 30, 2024

Certain switch models from PLANET Technology have a hard-coded credential in the specific command...
High, Unreviewed. CVE-2024-8448 was published Sep 30, 2024

Certain switch models from PLANET Technology have a Hard-coded Credential in the password...
Moderate, Unreviewed. CVE-2024-8449 was published Sep 30, 2024

Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass...
Moderate, Unreviewed. CVE-2024-23958 was published Sep 28, 2024

Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat...
High, Unreviewed. CVE-2023-41612 was published Sep 18, 2024

Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High, Unreviewed. CVE-2024-45698 was published Sep 16, 2024

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read...
High, Unreviewed. CVE-2024-6656 was published Sep 13, 2024

Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for...
Moderate, Unreviewed. CVE-2023-43583 was published Dec 14, 2023

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account...
Critical, Unreviewed. CVE-2024-39374 was published Jun 27, 2024

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an...
High, Unreviewed. CVE-2024-39585 was published Sep 6, 2024

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker...
Critical, Unreviewed. CVE-2024-20439 was published Sep 4, 2024

Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High, Unreviewed. CVE-2023-49224 was published Jun 7, 2024

Precor touchscreen console P82 contains a private SSH key that corresponds to a default public...
High, Unreviewed. CVE-2023-49222 was published Jun 7, 2024

Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive...
High, Unreviewed. CVE-2023-49223 was published Jun 7, 2024

SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential...
Moderate, Unreviewed. CVE-2024-28990 was published Sep 12, 2024

Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/...
Critical, Unreviewed. CVE-2018-17558 was published Oct 27, 2023

Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to...
Critical, Unreviewed. CVE-2024-6912 was published Jul 22, 2024

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc...
Critical, Unreviewed. CVE-2024-42638 was published Aug 16, 2024

Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A...
Low, Unreviewed. CVE-2024-39582 was published Sep 10, 2024

D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc...
High, Unreviewed. CVE-2024-37630 was published Jun 13, 2024

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique...
Moderate, Unreviewed. CVE-2024-33895 was published Aug 2, 2024