GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,148

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

119 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed

CVE-2024-21990 was published Apr 17, 2024

In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password). High Unreviewed

CVE-2024-28066 was published Apr 8, 2024

Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote... Critical Unreviewed

CVE-2024-27488 was published Apr 8, 2024

Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,... Critical Unreviewed

CVE-2024-28010 was published Mar 28, 2024

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-26196 was published Mar 21, 2024

Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed

CVE-2024-2197 was published Mar 20, 2024

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password... High Unreviewed

CVE-2024-27774 was published Mar 18, 2024

IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2023-50948 was published Jan 8, 2024

The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3... Low Unreviewed

CVE-2023-28895 was published Dec 1, 2023

SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed

CVE-2023-41713 was published Oct 18, 2023

A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This... Moderate Unreviewed

CVE-2023-5222 was published Sep 27, 2023

Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed

CVE-2023-41030 was published Sep 18, 2023

Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed

CVE-2023-23771 was published Aug 29, 2023

Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed

CVE-2023-23770 was published Aug 29, 2023

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2... Critical Unreviewed

CVE-2022-45444 was published Jul 6, 2023

A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects... Moderate Unreviewed

CVE-2023-3237 was published Jun 14, 2023

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed

CVE-2023-2061 was published Jun 2, 2023

This vulnerability enables ssh access to minikube container using a default password. High Unreviewed

CVE-2023-1944 was published May 24, 2023

A vulnerability, which was classified as problematic, has been found in cnoa OA up to 5.1.1.5.... Moderate Unreviewed

CVE-2023-2799 was published May 18, 2023

A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is... Critical Unreviewed

CVE-2023-2645 was published May 11, 2023

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1... Moderate Unreviewed

CVE-2023-29103 was published May 9, 2023

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471.... Moderate Unreviewed

CVE-2023-0808 was published Feb 13, 2023

A vulnerability classified as critical has been found in Netis Netcore Router. This affects an... Critical Unreviewed

CVE-2018-25069 was published Jan 7, 2023

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected... Critical Unreviewed

CVE-2014-125030 was published Jan 1, 2023

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an... Critical Unreviewed

CVE-2022-41653 was published Dec 14, 2022

Previous 1…45 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

119 advisories