GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,279
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,783
NuGet 683
pip 3,463
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,113

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,205 advisories

Filter by severity

Sort by

Least recently updated

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed

CVE-2025-26410 was published Feb 11, 2025

Certain models of routers from Billion Electric has hard-coded embedded linux credentials,... High Unreviewed

CVE-2025-1143 was published Feb 11, 2025

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to... High Unreviewed

CVE-2024-46436 was published Feb 10, 2025

A default credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote... High Unreviewed

CVE-2024-46433 was published Feb 10, 2025

A hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated... High Unreviewed

CVE-2024-46429 was published Feb 10, 2025

Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever... Critical Unreviewed

CVE-2024-36556 was published Feb 6, 2025

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed

CVE-2024-51547 was published Feb 6, 2025

EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed

CVE-2024-53356 was published Feb 1, 2025

In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt... High Unreviewed

CVE-2024-53357 was published Feb 1, 2025

AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the... High Unreviewed

CVE-2024-48310 was published Jan 29, 2025

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service,... High Unreviewed

CVE-2024-55968 was published Jan 29, 2025

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that... Moderate Unreviewed

CVE-2024-50692 was published Jan 25, 2025

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Moderate Unreviewed

CVE-2024-50690 was published Jan 25, 2025

ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model... High Unreviewed

CVE-2024-11147 was published Jan 23, 2025

Flawed token generation implementation & Hard-coded key implementation Moderate Unreviewed

CVE-2024-55927 was published Jan 23, 2025

Hard-coded credentials were included as part of the application binary. These credentials served... Low Unreviewed

CVE-2024-45832 was published Jan 17, 2025

An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate... High Unreviewed

CVE-2024-48125 was published Jan 15, 2025

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed

CVE-2024-48126 was published Jan 15, 2025

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all... Low Unreviewed

CVE-2024-50564 was published Jan 14, 2025

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure... Moderate Unreviewed

CVE-2024-28778 was published Jan 7, 2025

Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed

CVE-2024-4996 was published Dec 18, 2024

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed

CVE-2024-55557 was published Dec 16, 2024

Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability... Moderate Unreviewed

CVE-2024-48007 was published Dec 13, 2024

The application uses several hard-coded credentials to encrypt config files during backup, to... High Unreviewed

CVE-2024-28146 was published Dec 12, 2024

Previous 1 2 3 4 5 … 48 49 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,205 advisories