Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,326 advisories

Loading
An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2025-57578 was published Sep 12, 2025
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to... High Unreviewed
CVE-2025-57579 was published Sep 12, 2025
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-57577 was published Sep 12, 2025
The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to... Critical Unreviewed
CVE-2025-8570 was published Sep 11, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of... Low Unreviewed
CVE-2025-9725 was published Sep 5, 2025
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default... Critical Unreviewed
CVE-2025-35451 was published Sep 5, 2025
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials... Critical Unreviewed
CVE-2025-35452 was published Sep 5, 2025
Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed
CVE-2025-8857 was published Aug 29, 2025
hippo4j Includes Hard Coded Secret Key in JWT Creation High
CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025
A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3... Moderate Unreviewed
CVE-2025-9310 was published Aug 21, 2025
IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2025-33100 was published Aug 18, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by... Critical Unreviewed
CVE-2025-43982 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within... Moderate Unreviewed
CVE-2025-55279 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored... Moderate Unreviewed
CVE-2025-54465 was published Aug 13, 2025
SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If... Moderate Unreviewed
CVE-2025-26398 was published Aug 12, 2025
Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed
CVE-2025-7768 was published Aug 6, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-8530 was published Aug 5, 2025
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed
CVE-2025-51536 was published Aug 4, 2025
A vulnerability was discovered in the storage policy for certain sets of authentication keys in... Moderate Unreviewed
CVE-2025-37111 was published Jul 31, 2025
A vulnerability was discovered in the storage policy for certain sets of encryption keys in the... Moderate Unreviewed
CVE-2025-37112 was published Jul 31, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed
CVE-2025-30125 was published Jul 28, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed
CVE-2025-45466 was published Jul 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database