Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed
CVE-2023-22956 was published Aug 11, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded... Moderate Unreviewed
CVE-2023-3262 was published Aug 14, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to... Critical Unreviewed
CVE-2023-3264 was published Aug 14, 2023
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential... Critical Unreviewed
CVE-2023-4204 was published Aug 16, 2023
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which... Critical Unreviewed
CVE-2023-39808 was published Aug 21, 2023
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were... High Unreviewed
CVE-2023-37426 was published Aug 22, 2023
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models... Moderate Unreviewed
CVE-2022-3744 was published Aug 23, 2023
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote... High Unreviewed
CVE-2023-4419 was published Aug 24, 2023
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded... Critical Unreviewed
CVE-2023-38024 was published Aug 28, 2023
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An... Critical Unreviewed
CVE-2023-38026 was published Aug 28, 2023
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed
CVE-2023-23771 was published Aug 29, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed
CVE-2023-23770 was published Aug 29, 2023
Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL... High Unreviewed
CVE-2023-31173 was published Aug 31, 2023
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may... Moderate Unreviewed
CVE-2023-39982 was published Sep 2, 2023
A hard coded password in Super Store Finder v3.6 allows attackers to access the administration... Critical Unreviewed
CVE-2023-41508 was published Sep 5, 2023
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions... High Unreviewed
CVE-2023-32619 was published Sep 6, 2023
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of... High Unreviewed
CVE-2023-39421 was published Sep 7, 2023
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user... High Unreviewed
CVE-2023-39420 was published Sep 7, 2023
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates... Critical Unreviewed
CVE-2023-39422 was published Sep 7, 2023
Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which... Moderate Unreviewed
CVE-2023-27169 was published Sep 12, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may... High Unreviewed
CVE-2023-40717 was published Sep 13, 2023
i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default... Critical Unreviewed
CVE-2023-37755 was published Sep 14, 2023
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-42336 was published Sep 16, 2023
An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password. High Unreviewed
CVE-2023-41595 was published Sep 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database