Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed
CVE-2025-28230 was published Apr 21, 2025
Dragonfly2 has hard coded cyptographic key Critical
CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024
cokeBeer gaius-qi
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability... High Unreviewed
CVE-2025-2765 was published Apr 23, 2025
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... High Unreviewed
CVE-2022-46411 was published Dec 4, 2022
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain... Critical Unreviewed
CVE-2025-46273 was published Apr 25, 2025
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,... Critical Unreviewed
CVE-2025-46274 was published Apr 25, 2025
Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and... High Unreviewed
CVE-2025-46617 was published Apr 25, 2025
CWE-798: Use of Hard-coded Credentials Moderate Unreviewed
CVE-2025-23179 was published Apr 29, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR... Critical Unreviewed
CVE-2025-32985 was published Apr 25, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The... High Unreviewed
CVE-2025-32889 was published May 2, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The... High Unreviewed
CVE-2025-32888 was published May 2, 2025
In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed
CVE-2025-4041 was published May 6, 2025
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an... Moderate Unreviewed
CVE-2025-47730 was published May 8, 2025
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to... Moderate Unreviewed
CVE-2025-27488 was published May 13, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in... Moderate Unreviewed
CVE-2024-13688 was published Apr 28, 2025
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to... Moderate Unreviewed
CVE-2025-4876 was published May 19, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34442 was published Jan 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34440 was published Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34441 was published Jan 11, 2023
The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating... High Unreviewed
CVE-2025-48413 was published May 21, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed
CVE-2025-45746 was published May 13, 2025
There are several scripts in the web interface that are accessible via undocumented hard-coded... Moderate Unreviewed
CVE-2025-48414 was published May 21, 2025
Contec FXA3200 version 1.13 and under were discovered to contain a hard coded hash password for... High Unreviewed
CVE-2022-36159 was published Sep 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database