Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded... High Unreviewed
CVE-2022-41398 was published Apr 28, 2023
The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard... Critical Unreviewed
CVE-2022-41397 was published Apr 28, 2023
European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak... Critical Unreviewed
CVE-2023-26089 was published May 2, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC... High Unreviewed
CVE-2023-26203 was published May 4, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed
CVE-2023-30351 was published May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... Critical Unreviewed
CVE-2023-30352 was published May 10, 2023
MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-33236 was published May 22, 2023
Snap One OvrC Pro versions prior to 7.2 have their own locally... Critical Unreviewed
CVE-2023-31240 was published May 22, 2023
Files present on firmware images could allow an attacker to gain unauthorized access as a... Critical Unreviewed
CVE-2023-2504 was published May 23, 2023
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may... Moderate Unreviewed
CVE-2023-27921 was published May 23, 2023
Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10... High Unreviewed
CVE-2023-27512 was published May 23, 2023
This vulnerability enables ssh access to minikube container using a default password. High Unreviewed
CVE-2023-1944 was published May 24, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials High Unreviewed
CVE-2023-31184 was published May 30, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider... High Unreviewed
CVE-2023-28937 was published Jun 1, 2023
Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below... Critical Unreviewed
CVE-2023-33778 was published Jun 1, 2023
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote... Critical Unreviewed
CVE-2022-4333 was published Jun 1, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2061 was published Jun 2, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker... High Unreviewed
CVE-2022-47617 was published Jun 2, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed
CVE-2023-33920 was published Jun 13, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed
CVE-2023-2637 was published Jun 13, 2023
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects... Moderate Unreviewed
CVE-2023-3237 was published Jun 14, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN... High Unreviewed
CVE-2023-25187 was published Jun 16, 2023
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of... Moderate Unreviewed
CVE-2023-30904 was published Jun 16, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code... High Unreviewed
CVE-2023-32274 was published Jun 20, 2023
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not... Critical Unreviewed
CVE-2023-2611 was published Jun 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database