Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

483 advisories

Loading
An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2025-57578 was published Sep 12, 2025
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to... High Unreviewed
CVE-2025-57579 was published Sep 12, 2025
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-57577 was published Sep 12, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
hippo4j Includes Hard Coded Secret Key in JWT Creation High
CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed
CVE-2025-45466 was published Jul 25, 2025
HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed
CVE-2025-31953 was published Jul 24, 2025
Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants... High Unreviewed
CVE-2025-4130 was published Jul 21, 2025
Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability... High Unreviewed
CVE-2025-4049 was published Jul 21, 2025
An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... High Unreviewed
CVE-2025-4569 was published Jul 21, 2025
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22.... High Unreviewed
CVE-2025-7564 was published Jul 14, 2025
Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic... High Unreviewed
CVE-2025-5023 was published Jul 10, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded... High Unreviewed
CVE-2025-49551 was published Jul 8, 2025
A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The... High Unreviewed
CVE-2025-52492 was published Jul 7, 2025
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974... High Unreviewed
CVE-2025-34509 was published Jun 17, 2025
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated... High Unreviewed
CVE-2025-35940 was published Jun 10, 2025
The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating... High Unreviewed
CVE-2025-48413 was published May 21, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The... High Unreviewed
CVE-2025-32889 was published May 2, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The... High Unreviewed
CVE-2025-32888 was published May 2, 2025
Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and... High Unreviewed
CVE-2025-46617 was published Apr 25, 2025
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability... High Unreviewed
CVE-2025-2765 was published Apr 23, 2025
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent... High Unreviewed
CVE-2025-3426 was published Apr 7, 2025
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to... High Unreviewed
CVE-2025-30118 was published Mar 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database