Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Loading
Use of hard-coded password issue/vulnerability in SS1 Ver.16.0.0.10 and earlier (Media version:16... High Unreviewed
CVE-2025-58081 was published Aug 28, 2025
A vulnerability was identified in FNKvision Y215 CCTV Camera 10.194.120.40. Affected by this... High Unreviewed
CVE-2025-9380 was published Aug 24, 2025
A vulnerability was found in Belkin F9K1009 and F9K1010 2.00.04/2.00.09 and classified as... High Unreviewed
CVE-2025-8730 was published Aug 8, 2025
RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain root access vis a weak,... High Unreviewed
CVE-2025-44955 was published Aug 4, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22.... High Unreviewed
CVE-2025-7564 was published Jul 14, 2025
A vulnerability was identified in SUR-FBD CMMS where hard-coded credentials were found within a... High Unreviewed
CVE-2025-3920 was published Jul 7, 2025
A hard-coded, non-random password for the object store (minio) of KNIME Business Hub in all... High Unreviewed
CVE-2025-2402 was published Mar 31, 2025
On IROAD v9 devices, the dashcam has hardcoded default credentials ("qwertyuiop") that cannot be... High Unreviewed
CVE-2025-30106 was published Mar 18, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, contain(s) a Use of Hard-coded Password... High Unreviewed
CVE-2024-48831 was published Mar 17, 2025
A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to... High Unreviewed
CVE-2025-2343 was published Mar 16, 2025
TRENDnet TEW-929DRU 1.0.0.10 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2025-25428 was published Feb 28, 2025
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain hardcoded credentials for several... High Unreviewed
CVE-2024-46328 was published Sep 26, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38885 was published Aug 2, 2024
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have... High Unreviewed
CVE-2024-39345 was published Jul 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock... High Unreviewed
CVE-2024-5275 was published Jun 18, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability... High Unreviewed
CVE-2024-37644 was published Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see... High Unreviewed
CVE-2024-27164 was published Jun 14, 2024
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password... High Unreviewed
CVE-2024-34211 was published May 14, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability... High Unreviewed
CVE-2024-29011 was published May 1, 2024
DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-coded password that could... High Unreviewed
CVE-2023-49963 was published Apr 19, 2024
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password). High Unreviewed
CVE-2024-28066 was published Apr 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database