Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to... High Unreviewed
CVE-2023-37608 was published Jan 3, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with... Moderate Unreviewed
CVE-2024-20280 was published Oct 16, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between... Moderate Unreviewed
CVE-2024-45165 was published Aug 22, 2024
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,... Critical Unreviewed
CVE-2024-20412 was published Oct 23, 2024
LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily... Critical Unreviewed
CVE-2024-51431 was published Nov 1, 2024
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up... Low Unreviewed
CVE-2024-10748 was published Nov 4, 2024
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in... Moderate Unreviewed
CVE-2024-5764 was published Oct 23, 2024
An attacker with local access to the medical office computer can access restricted functions of... High Unreviewed
CVE-2024-50593 was published Nov 8, 2024
VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder Moderate
CVE-2024-9594 was published for github.com/kubernetes-sigs/image-builder (Go) Oct 15, 2024
VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder Critical
CVE-2024-9486 was published for github.com/kubernetes-sigs/image-builder (Go) Oct 15, 2024
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an... Moderate Unreviewed
CVE-2024-38480 was published Jul 1, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of... High Unreviewed
CVE-2024-7295 was published Nov 13, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in... Critical Unreviewed
CVE-2024-48971 was published Nov 15, 2024
Azure Stack HCI Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49060 was published Nov 15, 2024
EverShop at risk to unauthorized access via weak HMAC secret Critical
CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'... High Unreviewed
CVE-2020-12627 was published May 24, 2022
The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is... Critical Unreviewed
CVE-2024-42450 was published Nov 19, 2024
Apache Doris hardcoded key and IV High
CVE-2022-23942 was published for pydoris (pip) Apr 27, 2022
Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows... Critical Unreviewed
CVE-2023-51638 was published Nov 22, 2024
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as... Low Unreviewed
CVE-2024-10920 was published Nov 6, 2024
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro... High Unreviewed
CVE-2024-52788 was published Nov 19, 2024
Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in ... High Unreviewed
CVE-2024-52789 was published Nov 19, 2024
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated... Moderate Unreviewed
CVE-2024-11026 was published Nov 9, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2023-51629 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database