Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Loading
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed
CVE-2023-23770 was published Aug 29, 2023
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An... Critical Unreviewed
CVE-2023-38026 was published Aug 28, 2023
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded... Critical Unreviewed
CVE-2023-38024 was published Aug 28, 2023
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote... High Unreviewed
CVE-2023-4419 was published Aug 24, 2023
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models... Moderate Unreviewed
CVE-2022-3744 was published Aug 23, 2023
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were... High Unreviewed
CVE-2023-37426 was published Aug 22, 2023
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which... Critical Unreviewed
CVE-2023-39808 was published Aug 21, 2023
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential... Critical Unreviewed
CVE-2023-4204 was published Aug 16, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to... Critical Unreviewed
CVE-2023-3264 was published Aug 14, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded... Moderate Unreviewed
CVE-2023-3262 was published Aug 14, 2023
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due... High Unreviewed
CVE-2023-22957 was published Aug 11, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed
CVE-2023-22956 was published Aug 11, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow... Moderate Unreviewed
CVE-2022-44612 was published Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... Moderate Unreviewed
CVE-2023-37858 was published Aug 9, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... High Unreviewed
CVE-2023-37857 was published Aug 9, 2023
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on... High Unreviewed
CVE-2023-21652 was published Aug 8, 2023
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's... Critical Unreviewed
CVE-2023-33372 was published Aug 4, 2023
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and... Critical Unreviewed
CVE-2023-33371 was published Aug 3, 2023
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials Critical Unreviewed
CVE-2023-37215 was published Jul 30, 2023
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials Critical Unreviewed
CVE-2023-32227 was published Jul 30, 2023
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN):... Critical Unreviewed
CVE-2023-33744 was published Jul 27, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow... High Unreviewed
CVE-2023-38433 was published Jul 26, 2023
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An... Critical Unreviewed
CVE-2023-37291 was published Jul 21, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed
CVE-2023-35763 was published Jul 18, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed
CVE-2023-34123 was published Jul 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database