GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,276
Composer 4,356
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,297
npm 3,782
NuGet 683
pip 3,461
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,111

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

433 advisories

Filter by severity

Sort by

Least recently updated

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This... High Unreviewed

CVE-2023-35724 was published May 3, 2024

Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address... High Unreviewed

CVE-2024-3544 was published May 2, 2024

In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server... High Unreviewed

CVE-2023-52723 was published Apr 29, 2024

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation... High Unreviewed

CVE-2024-29966 was published Apr 19, 2024

In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA... High Unreviewed

CVE-2024-29960 was published Apr 19, 2024

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach... High Unreviewed

CVE-2024-29963 was published Apr 19, 2024

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which... High Unreviewed

CVE-2024-31873 was published Apr 10, 2024

Azure AI Search Information Disclosure Vulnerability High Unreviewed

CVE-2024-29063 was published Apr 9, 2024

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed

CVE-2023-5456 was published Mar 5, 2024

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed

CVE-2023-6255 was published Feb 15, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-23842 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22768 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22772 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22771 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22769 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22770 was published Jan 23, 2024

Ubee DDW365 XCNDDW365 and DDW366 XCNDXW3WB devices have predictable default WPA2 PSKs that could... High Unreviewed

CVE-2024-23726 was published Jan 21, 2024

It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed

CVE-2023-49256 was published Jan 12, 2024

The vulnerability allows a remote attacker to authenticate to the SSH service with root... High Unreviewed

CVE-2023-48251 was published Jan 10, 2024

The vulnerability allows a remote attacker to authenticate to the web application with high... High Unreviewed

CVE-2023-48250 was published Jan 10, 2024

An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to... High Unreviewed

CVE-2023-37608 was published Jan 3, 2024

When installing the Net2 software a root certificate is installed into the trusted store. A... High Unreviewed

CVE-2023-43870 was published Dec 19, 2023

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login... High Unreviewed

CVE-2023-36651 was published Dec 12, 2023

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

433 advisories