Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Loading
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This... High Unreviewed
CVE-2023-35724 was published May 3, 2024
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2023-34284 was published May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address... High Unreviewed
CVE-2024-3544 was published May 2, 2024
In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server... High Unreviewed
CVE-2023-52723 was published Apr 29, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite... Moderate Unreviewed
CVE-2024-22813 was published Apr 22, 2024
Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation... High Unreviewed
CVE-2024-29966 was published Apr 19, 2024
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach... High Unreviewed
CVE-2024-29963 was published Apr 19, 2024
In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA... High Unreviewed
CVE-2024-29960 was published Apr 19, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed
CVE-2024-21990 was published Apr 17, 2024
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart... Moderate Unreviewed
CVE-2023-40146 was published Apr 17, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which... High Unreviewed
CVE-2024-31873 was published Apr 10, 2024
Azure AI Search Information Disclosure Vulnerability High Unreviewed
CVE-2024-29063 was published Apr 9, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been... Critical Unreviewed
CVE-2024-3272 was published Apr 4, 2024
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed
CVE-2024-3130 was published Apr 1, 2024
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass... Critical Unreviewed
CVE-2024-2161 was published Mar 21, 2024
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A... Moderate Unreviewed
CVE-2024-22083 was published Mar 20, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed
CVE-2024-2197 was published Mar 20, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password... High Unreviewed
CVE-2024-27774 was published Mar 18, 2024
A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed
CVE-2023-5456 was published Mar 5, 2024
The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES... High Unreviewed
CVE-2024-25731 was published Mar 5, 2024
Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide,... Critical Unreviewed
CVE-2024-24681 was published Feb 24, 2024
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719.... Low Unreviewed
CVE-2024-1661 was published Feb 20, 2024
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability... Moderate Unreviewed
CVE-2024-1344 was published Feb 19, 2024
Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed
CVE-2023-6255 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database