Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,327 advisories

Loading
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... Moderate Unreviewed
CVE-2019-13543 was published May 24, 2022
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952... High Unreviewed
CVE-2018-8870 was published May 13, 2022
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed
CVE-2024-51547 was published Feb 6, 2025
Hard-coded credentials in org.folio:mod-data-export-spring Critical
CVE-2024-23687 was published for org.folio:mod-data-export-spring (Maven) Jan 20, 2024
Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This... Moderate Unreviewed
CVE-2025-41380 was published May 23, 2025
Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in... Moderate Unreviewed
CVE-2025-36572 was published May 28, 2025
Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded... Critical Unreviewed
CVE-2025-48748 was published May 29, 2025
The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and... Critical Unreviewed
CVE-2025-46352 was published May 30, 2025
Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an... Moderate Unreviewed
CVE-2025-4633 was published May 30, 2025
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses... High Unreviewed
CVE-2019-7161 was published May 13, 2022
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed
CVE-2021-41320 was published May 24, 2022
A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This... Moderate Unreviewed
CVE-2025-5164 was published May 26, 2025
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed
CVE-2025-20188 was published May 7, 2025
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed
CVE-2024-23453 was published Jan 24, 2024
A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed
CVE-2025-3321 was published Jun 6, 2025
WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2025-5751 was published Jun 6, 2025
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated... High Unreviewed
CVE-2025-35940 was published Jun 10, 2025
OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. Critical Unreviewed
CVE-2025-28388 was published Jun 13, 2025
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including... Critical Unreviewed
CVE-2025-45784 was published Jun 18, 2025
Root user password is hardcoded into the device and cannot be changed in the user interface. Critical Unreviewed
CVE-2023-49253 was published Jan 12, 2024
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded... High Unreviewed
CVE-2012-6428 was published May 17, 2022
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified... Critical Unreviewed
CVE-2025-20309 was published Jul 2, 2025
ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials. Critical Unreviewed
CVE-2025-45813 was published Jul 2, 2025
A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The... High Unreviewed
CVE-2025-52492 was published Jul 7, 2025
Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing... Critical Unreviewed
CVE-2025-37103 was published Jul 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database