Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Loading
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3... Low Unreviewed
CVE-2023-28895 was published Dec 1, 2023
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials... Critical Unreviewed
CVE-2023-23324 was published Nov 29, 2023
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could... Moderate Unreviewed
CVE-2023-29064 was published Nov 28, 2023
Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT... High Unreviewed
CVE-2023-47315 was published Nov 22, 2023
Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES... High Unreviewed
CVE-2023-48053 was published Nov 16, 2023
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This... High Unreviewed
CVE-2023-48055 was published Nov 16, 2023
First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated... Critical Unreviewed
CVE-2023-47213 was published Nov 16, 2023
Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local... High Unreviewed
CVE-2023-44296 was published Nov 16, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 -... Moderate Unreviewed
CVE-2023-40719 was published Nov 14, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7... Moderate Unreviewed
CVE-2023-33304 was published Nov 14, 2023
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the... Critical Unreviewed
CVE-2023-47800 was published Nov 10, 2023
Symmetric encryption used to protect messages between the AppsAnywhere server and client can be... High Unreviewed
CVE-2023-41137 was published Nov 9, 2023
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is... Critical Unreviewed
CVE-2023-5777 was published Nov 6, 2023
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded... Critical Unreviewed
CVE-2023-45499 was published Oct 27, 2023
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/... Critical Unreviewed
CVE-2018-17558 was published Oct 27, 2023
The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to... High Unreviewed
CVE-2023-46102 was published Oct 25, 2023
The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify... High Unreviewed
CVE-2023-41372 was published Oct 25, 2023
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed
CVE-2023-42492 was published Oct 25, 2023
The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TIBCO Hawk, TIBCO Hawk... High Unreviewed
CVE-2023-26219 was published Oct 25, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2022-22466 was published Oct 23, 2023
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed
CVE-2023-41713 was published Oct 18, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2023-33836 was published Oct 16, 2023
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ... Moderate Unreviewed
CVE-2023-45194 was published Oct 11, 2023
The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers... High Unreviewed
CVE-2023-45226 was published Oct 10, 2023
All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed
CVE-2023-30801 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database