GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,936
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,154
NuGet 736
pip 3,953
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 270,186

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,327 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2023-33836 was published Oct 16, 2023

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2022-22466 was published Oct 23, 2023

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been... Critical Unreviewed

CVE-2024-3272 was published Apr 4, 2024

Azure AI Search Information Disclosure Vulnerability High Unreviewed

CVE-2024-29063 was published Apr 9, 2024

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which... High Unreviewed

CVE-2024-31873 was published Apr 10, 2024

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup... Moderate Unreviewed

CVE-2019-6693 was published May 24, 2022

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed

CVE-2022-2660 was published Dec 14, 2022

Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in... Critical Unreviewed

CVE-2017-8226 was published May 24, 2022

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One... High Unreviewed

CVE-2023-31808 was published Sep 19, 2023

AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web... Critical Unreviewed

CVE-2019-14482 was published May 24, 2022

An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Critical Unreviewed

CVE-2019-14930 was published May 24, 2022

WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account... Critical Unreviewed

CVE-2019-9160 was published May 24, 2022

Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed

CVE-2019-13399 was published May 24, 2022

Use of Hard-coded Credentials vulnerability in FortiRecorder all versions below 2.7.4 may allow... Critical Unreviewed

CVE-2019-6698 was published May 24, 2022

SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed

CVE-2023-41713 was published Oct 18, 2023

Katello uses hard coded credential Critical

CVE-2012-3503 was published for katello (RubyGems) May 17, 2022

ThinkAdmin Admin Panel Access using Default Credentials High

CVE-2020-35296 was published for zoujingli/thinkadmin (Composer) May 24, 2022

An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION... Critical Unreviewed

CVE-2023-51200 was published Jan 23, 2024

Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address... High Unreviewed

CVE-2024-3544 was published May 2, 2024

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed

CVE-2023-34284 was published May 3, 2024

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed

CVE-2023-39458 was published May 3, 2024

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This... High Unreviewed

CVE-2023-35724 was published May 3, 2024

D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass... Critical Unreviewed

CVE-2023-44411 was published May 3, 2024

Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation... High Unreviewed

CVE-2023-51588 was published May 3, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed

CVE-2024-32740 was published May 14, 2024

Previous 1…39…54 Next

Previous 1 2 … 37 38 39 40 41 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,327 advisories