GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,278
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,782
NuGet 683
pip 3,463
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,114

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

544 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... Critical Unreviewed

CVE-2024-20439 was published Sep 4, 2024

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are... Critical Unreviewed

CVE-2024-6633 was published Aug 27, 2024

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207.... Critical Unreviewed

CVE-2024-8162 was published Aug 26, 2024

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability,... Critical Unreviewed

CVE-2024-28987 was published Aug 22, 2024

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-42638 was published Aug 16, 2024

H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow... Critical Unreviewed

CVE-2024-42637 was published Aug 16, 2024

Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed

CVE-2024-6890 was published Aug 8, 2024

A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed

CVE-2024-7332 was published Aug 1, 2024

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded... Critical Unreviewed

CVE-2024-41611 was published Jul 30, 2024

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet... Critical Unreviewed

CVE-2024-41610 was published Jul 30, 2024

Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to... Critical Unreviewed

CVE-2024-6912 was published Jul 22, 2024

Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed

CVE-2024-35338 was published Jul 16, 2024

An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS... Critical Unreviewed

CVE-2024-28747 was published Jul 9, 2024

A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed

CVE-2023-46685 was published Jul 8, 2024

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed

CVE-2024-4708 was published Jul 3, 2024

Hardcoded credentials are discovered within the application's source code, creating a potential... Critical Unreviewed

CVE-2023-41919 was published Jul 2, 2024

luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. Critical Unreviewed

CVE-2024-39208 was published Jun 27, 2024

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account... Critical Unreviewed

CVE-2024-39374 was published Jun 27, 2024

Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User... Critical Unreviewed

CVE-2023-6198 was published Jun 25, 2024

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier... Critical Unreviewed

CVE-2024-36480 was published Jun 19, 2024

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. Critical Unreviewed

CVE-2024-38466 was published Jun 16, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3699 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3700 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-1228 was published Jun 10, 2024

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed

CVE-2024-36782 was published Jun 3, 2024

Previous 1 2 3 4 5 … 21 22 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

544 advisories