GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,970

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,291 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may... Moderate Unreviewed

CVE-2023-27921 was published May 23, 2023

Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10... High Unreviewed

CVE-2023-27512 was published May 23, 2023

Files present on firmware images could allow an attacker to gain unauthorized access as a... Critical Unreviewed

CVE-2023-2504 was published May 23, 2023

Snap One OvrC Pro versions prior to 7.2 have their own locally... Critical Unreviewed

CVE-2023-31240 was published May 22, 2023

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability... Critical Unreviewed

CVE-2023-33236 was published May 22, 2023

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed

CVE-2023-30351 was published May 10, 2023

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... Critical Unreviewed

CVE-2023-30352 was published May 10, 2023

A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC... High Unreviewed

CVE-2023-26203 was published May 4, 2023

European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak... Critical Unreviewed

CVE-2023-26089 was published May 2, 2023

Sage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user... Critical Unreviewed

CVE-2022-41400 was published Apr 28, 2023

The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte... High Unreviewed

CVE-2022-41399 was published Apr 28, 2023

The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded... High Unreviewed

CVE-2022-41398 was published Apr 28, 2023

The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard... Critical Unreviewed

CVE-2022-41397 was published Apr 28, 2023

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP)... High Unreviewed

CVE-2023-2291 was published Apr 26, 2023

An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials,... Critical Unreviewed

CVE-2022-39989 was published Apr 26, 2023

PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote... High Unreviewed

CVE-2022-45291 was published Apr 25, 2023

TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---... High Unreviewed

CVE-2022-37255 was published Apr 16, 2023

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials... High Unreviewed

CVE-2023-22429 was published Apr 11, 2023

The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with... Critical Unreviewed

CVE-2023-1748 was published Apr 4, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed

CVE-2023-28503 was published Mar 29, 2023

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded... Critical Unreviewed

CVE-2023-28654 was published Mar 28, 2023

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows... Critical Unreviewed

CVE-2022-22512 was published Mar 23, 2023

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed

CVE-2023-0391 was published Mar 21, 2023

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0... Critical Unreviewed

CVE-2023-26511 was published Mar 14, 2023

The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root... Critical Unreviewed

CVE-2023-0345 was published Mar 13, 2023

Previous 1…18…52 Next

Previous 1 2 … 16 17 18 19 20 … 51 52 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,291 advisories