Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials... Critical Unreviewed
CVE-2025-30113 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that... Critical Unreviewed
CVE-2025-30122 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded... Critical Unreviewed
CVE-2025-30123 was published Mar 18, 2025
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed
CVE-2025-30109 was published Mar 18, 2025
Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software... Critical Unreviewed
CVE-2022-45766 was published Feb 10, 2023
An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service,... High Unreviewed
CVE-2024-55968 was published Jan 29, 2025
AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the... High Unreviewed
CVE-2024-48310 was published Jan 29, 2025
An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for... Critical Unreviewed
CVE-2025-30137 was published Mar 18, 2025
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to... High Unreviewed
CVE-2025-30118 was published Mar 25, 2025
The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES... High Unreviewed
CVE-2024-25731 was published Mar 5, 2024
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator Critical Unreviewed
CVE-2024-29855 was published Jun 11, 2024
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to... Moderate Unreviewed
CVE-2022-48067 was published Jan 27, 2023
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed
CVE-2024-41794 was published Apr 8, 2025
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed
CVE-2008-1160 was published May 1, 2022
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ... Critical Unreviewed
CVE-2024-31810 was published May 14, 2024
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed
CVE-2025-30406 was published Apr 3, 2025
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent... High Unreviewed
CVE-2025-3426 was published Apr 7, 2025
NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root... Critical Unreviewed
CVE-2016-5678 was published May 17, 2022
VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys... Critical Unreviewed
CVE-2016-5333 was published May 17, 2022
NETGEAR Arlo base stations with firmware 1.7.5_6178 and earlier, Arlo Q devices with firmware 1.8... Critical Unreviewed
CVE-2016-10115 was published May 17, 2022
Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data. Moderate Unreviewed
CVE-2023-41611 was published Sep 18, 2024
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27643 was published Mar 5, 2025
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A... Moderate Unreviewed
CVE-2024-22083 was published Mar 20, 2024
Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Critical Unreviewed
CVE-2021-22644 was published Jul 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database