GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Critical Unreviewed

CVE-2024-0390 was published Feb 15, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)... Critical Unreviewed

CVE-2024-23816 was published Feb 13, 2024

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password... Moderate Unreviewed

CVE-2024-22313 was published Feb 10, 2024

An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via... Critical Unreviewed

CVE-2023-38995 was published Feb 7, 2024

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account... Critical Unreviewed

CVE-2024-22853 was published Feb 6, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded... Critical Unreviewed

CVE-2024-21764 was published Feb 2, 2024

Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if... Critical Unreviewed

CVE-2024-1039 was published Feb 2, 2024

Multiple MachineSense devices have credentials unable to be changed by the user or... Critical Unreviewed

CVE-2023-46706 was published Feb 2, 2024

TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root... Critical Unreviewed

CVE-2024-24324 was published Jan 30, 2024

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. Critical Unreviewed

CVE-2023-51840 was published Jan 29, 2024

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed

CVE-2023-6482 was published Jan 27, 2024

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed

CVE-2024-23619 was published Jan 26, 2024

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed

CVE-2024-23453 was published Jan 24, 2024

An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION... Critical Unreviewed

CVE-2023-51200 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-23842 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22771 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22769 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22772 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22770 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22768 was published Jan 23, 2024

Ubee DDW365 XCNDDW365 and DDW366 XCNDXW3WB devices have predictable default WPA2 PSKs that could... High Unreviewed

CVE-2024-23726 was published Jan 21, 2024

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded... Moderate Unreviewed

CVE-2023-28897 was published Jan 12, 2024

It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed

CVE-2023-49256 was published Jan 12, 2024

Previous 1…12…52 Next

Previous 1 2 … 10 11 12 13 14 … 51 52 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,291 advisories