GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,327 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22770 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22768 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-23842 was published Jan 23, 2024

An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION... Critical Unreviewed

CVE-2023-51200 was published Jan 23, 2024

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed

CVE-2024-23453 was published Jan 24, 2024

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed

CVE-2024-23619 was published Jan 26, 2024

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed

CVE-2023-6482 was published Jan 27, 2024

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. Critical Unreviewed

CVE-2023-51840 was published Jan 29, 2024

TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root... Critical Unreviewed

CVE-2024-24324 was published Jan 30, 2024

Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if... Critical Unreviewed

CVE-2024-1039 was published Feb 2, 2024

Multiple MachineSense devices have credentials unable to be changed by the user or... Critical Unreviewed

CVE-2023-46706 was published Feb 2, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded... Critical Unreviewed

CVE-2024-21764 was published Feb 2, 2024

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account... Critical Unreviewed

CVE-2024-22853 was published Feb 6, 2024

An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via... Critical Unreviewed

CVE-2023-38995 was published Feb 7, 2024

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password... Moderate Unreviewed

CVE-2024-22313 was published Feb 10, 2024

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)... Critical Unreviewed

CVE-2024-23816 was published Feb 13, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Critical Unreviewed

CVE-2024-0390 was published Feb 15, 2024

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed

CVE-2023-6255 was published Feb 15, 2024

Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability... Moderate Unreviewed

CVE-2024-1344 was published Feb 19, 2024

A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719.... Low Unreviewed

CVE-2024-1661 was published Feb 20, 2024

Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide,... Critical Unreviewed

CVE-2024-24681 was published Feb 24, 2024

The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES... High Unreviewed

CVE-2024-25731 was published Mar 5, 2024

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed

CVE-2023-5456 was published Mar 5, 2024

Previous 1…42…54 Next

Previous 1 2 … 40 41 42 43 44 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,327 advisories