GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,278
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,782
NuGet 683
pip 3,463
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,114

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

433 advisories

Filter by severity

Sort by

Least recently updated

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed

CVE-2024-6656 was published Sep 13, 2024

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed

CVE-2024-39585 was published Sep 6, 2024

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed

CVE-2024-41161 was published Aug 8, 2024

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed

CVE-2024-41616 was published Aug 6, 2024

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed

CVE-2024-39838 was published Aug 5, 2024

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed

CVE-2024-5471 was published Jul 17, 2024

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed

CVE-2024-5460 was published Jun 26, 2024

The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed

CVE-2024-36496 was published Jun 24, 2024

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed

CVE-2024-6045 was published Jun 17, 2024

It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed

CVE-2024-27168 was published Jun 14, 2024

It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed

CVE-2024-27170 was published Jun 14, 2024

D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed

CVE-2024-37630 was published Jun 13, 2024

An attacker can access the maintenance console using hard coded credentials for a hidden wireless... High Unreviewed

CVE-2024-38281 was published Jun 13, 2024

CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege... High Unreviewed

CVE-2024-0865 was published Jun 12, 2024

Precor touchscreen console P82 contains a private SSH key that corresponds to a default public... High Unreviewed

CVE-2023-49222 was published Jun 7, 2024

Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed

CVE-2023-49224 was published Jun 7, 2024

Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive... High Unreviewed

CVE-2023-49223 was published Jun 7, 2024

Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local... High Unreviewed

CVE-2023-49221 was published Jun 7, 2024

Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials... High Unreviewed

CVE-2024-29170 was published Jun 4, 2024

'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to... High Unreviewed

CVE-2024-32988 was published May 22, 2024

Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5... High Unreviewed

CVE-2024-4844 was published May 16, 2024

TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the... High Unreviewed

CVE-2024-34219 was published May 14, 2024

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication... High Unreviewed

CVE-2024-23473 was published May 14, 2024

Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST... High Unreviewed

CVE-2023-26566 was published May 14, 2024

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation... High Unreviewed

CVE-2023-51588 was published May 3, 2024

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

433 advisories