GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
33 advisories
Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access...
High
Unreviewed
CVE-2025-6737 was published Aug 26, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain insecure credentials for the...
Moderate
Unreviewed
CVE-2025-55584 was published Aug 18, 2025
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if...
Critical
Unreviewed
CVE-2024-1039 was published Feb 2, 2024
On multiple products of SEIKO EPSON and FUJIFILM Corporation, the initial administrator password...
High
Unreviewed
CVE-2025-35970 was published Aug 7, 2025
Partner Software's Partner Software Product and corresponding Partner Web application use the...
Critical
Unreviewed
CVE-2025-6077 was published Aug 2, 2025
ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a common credential for all...
High
Unreviewed
CVE-2025-53558 was published Jul 31, 2025
An unauthenticated attacker who knows the target device's serial number, can generate the default...
Critical
Unreviewed
CVE-2024-51978 was published Jun 26, 2025
Use of weak credentials in emergency authentication component in Devolutions Server allows an...
High
Unreviewed
CVE-2025-6523 was published Jul 22, 2025
Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.93 allows the telnet service...
High
Unreviewed
CVE-2025-52364 was published Jul 9, 2025
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).
High
Unreviewed
CVE-2024-28066 was published Apr 8, 2024
The device’s passwords have not been adequately salted, making them vulnerable to password...
Low
Unreviewed
CVE-2025-32471 was published Apr 28, 2025
HGW BL1500HM Ver 002.001.013 and earlier contains a use of weak credentials issue. A network...
High
Unreviewed
CVE-2024-29071 was published Mar 25, 2024
HGW BL1500HM Ver 002.001.013 and earlier contains a use of weak credentials issue. A network...
Moderate
Unreviewed
CVE-2024-21865 was published Mar 25, 2024
A token is created using the username, current date/time, and a fixed AES-128 encryption key,...
High
Unreviewed
CVE-2025-2229 was published Mar 13, 2025
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W...
High
Unreviewed
CVE-2025-22936 was published Feb 6, 2025
TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227...
Moderate
Unreviewed
CVE-2023-28368 was published Apr 11, 2023
A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as...
Low
Unreviewed
CVE-2025-1081 was published Feb 6, 2025
A weak credentials vulnerability potentially allows privileged system access via SSH to Sophos...
Critical
Unreviewed
CVE-2024-12728 was published Dec 19, 2024
Snap One OvrC Pro versions prior to 7.2 have their own locally...
Critical
Unreviewed
CVE-2023-31240 was published May 22, 2023
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism...
High
Unreviewed
CVE-2024-45722 was published Dec 6, 2024
Kieback & Peter's DDC4000 series uses weak credentials, which may allow an unauthenticated...
Critical
Unreviewed
CVE-2024-43698 was published Oct 23, 2024
An unauthenticated remote attacker can perform a brute-force attack on the credentials of the...
High
Unreviewed
CVE-2024-45272 was published Oct 15, 2024
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient,...
Moderate
Unreviewed
CVE-2024-42027 was published Oct 7, 2024
A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI...
Moderate
Unreviewed
CVE-2023-6951 was published Apr 2, 2024
Improper Privilege Management vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical
Unreviewed
CVE-2023-0635 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API