GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,820

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

206 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3... Moderate Unreviewed

CVE-2025-9310 was published Aug 21, 2025

IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2025-33100 was published Aug 18, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored... Moderate Unreviewed

CVE-2025-54465 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within... Moderate Unreviewed

CVE-2025-55279 was published Aug 13, 2025

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If... Moderate Unreviewed

CVE-2025-26398 was published Aug 12, 2025

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed

CVE-2025-8530 was published Aug 5, 2025

A vulnerability was discovered in the storage policy for certain sets of authentication keys in... Moderate Unreviewed

CVE-2025-37111 was published Jul 31, 2025

A vulnerability was discovered in the storage policy for certain sets of encryption keys in the... Moderate Unreviewed

CVE-2025-37112 was published Jul 31, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... Moderate Unreviewed

CVE-2025-4570 was published Jul 21, 2025

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( ... Moderate Unreviewed

CVE-2025-6982 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials... Moderate Unreviewed

CVE-2025-53754 was published Jul 16, 2025

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN... Moderate Unreviewed

CVE-2025-53842 was published Jul 16, 2025

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file... Moderate Unreviewed

CVE-2025-52363 was published Jul 14, 2025

WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass... Moderate Unreviewed

CVE-2025-5751 was published Jun 6, 2025

Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an... Moderate Unreviewed

CVE-2025-4633 was published May 30, 2025

Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in... Moderate Unreviewed

CVE-2025-36572 was published May 28, 2025

A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This... Moderate Unreviewed

CVE-2025-5164 was published May 26, 2025

Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This... Moderate Unreviewed

CVE-2025-41380 was published May 23, 2025

There are several scripts in the web interface that are accessible via undocumented hard-coded... Moderate Unreviewed

CVE-2025-48414 was published May 21, 2025

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to... Moderate Unreviewed

CVE-2025-4876 was published May 19, 2025

Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to... Moderate Unreviewed

CVE-2025-27488 was published May 13, 2025

The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an... Moderate Unreviewed

CVE-2025-47730 was published May 8, 2025

CWE-798: Use of Hard-coded Credentials Moderate Unreviewed

CVE-2025-23179 was published Apr 29, 2025

The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in... Moderate Unreviewed

CVE-2024-13688 was published Apr 28, 2025

In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed

CVE-2025-30109 was published Mar 18, 2025

Previous1…9 Next

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

206 advisories