Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

119 advisories

Loading
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials... Critical Unreviewed
CVE-2025-30115 was published Mar 18, 2025
On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be... High Unreviewed
CVE-2025-30106 was published Mar 18, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password... High Unreviewed
CVE-2024-48831 was published Mar 17, 2025
A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to... High Unreviewed
CVE-2025-2343 was published Mar 16, 2025
A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on... Moderate Unreviewed
CVE-2025-2342 was published Mar 16, 2025
A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified... Moderate Unreviewed
CVE-2025-2322 was published Mar 15, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0... Critical Unreviewed
CVE-2025-27638 was published Mar 5, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed
CVE-2025-1879 was published Mar 3, 2025
TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2025-25428 was published Feb 28, 2025
A CWE-259 "Use of Hard-coded Password" for the root account in Q-Free MaxTime less than or equal... Critical Unreviewed
CVE-2025-1100 was published Feb 12, 2025
A use of hard-coded password vulnerability may allow authentication abuse.This issue affects ELI... Moderate Unreviewed
CVE-2022-26388 was published Feb 7, 2025
A vulnerability has been found in E-Lins H685, H685f, H700, H720, H750, H820, H820Q, H820Q0 and... Moderate Unreviewed
CVE-2024-11630 was published Nov 23, 2024
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,... Critical Unreviewed
CVE-2024-20412 was published Oct 23, 2024
FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114... Critical Unreviewed
CVE-2024-25825 was published Oct 9, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several... High Unreviewed
CVE-2024-46328 was published Sep 26, 2024
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user... Critical Unreviewed
CVE-2024-43423 was published Sep 25, 2024
runofast Indoor Security Camera for Baby Monitor has a default password of password for the root... Moderate Unreviewed
CVE-2024-46959 was published Sep 18, 2024
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password. Critical Unreviewed
CVE-2023-37231 was published Sep 10, 2024
A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220.... Critical Unreviewed
CVE-2024-8580 was published Sep 8, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows... Critical Unreviewed
CVE-2024-42639 was published Aug 16, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed
CVE-2024-31798 was published Aug 15, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38885 was published Aug 2, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database