Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,290 advisories

Loading
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-57577 was published Sep 12, 2025
A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed
CVE-2025-8530 was published Aug 5, 2025
An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2025-57578 was published Sep 12, 2025
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to... High Unreviewed
CVE-2025-57579 was published Sep 12, 2025
A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3... Moderate Unreviewed
CVE-2025-9310 was published Aug 21, 2025
The BeyondCart Connector plugin for WordPress is vulnerable to Privilege Escalation due to... Critical Unreviewed
CVE-2025-8570 was published Sep 11, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1... High Unreviewed
CVE-2014-9198 was published May 14, 2022
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default... Critical Unreviewed
CVE-2025-35451 was published Sep 5, 2025
A vulnerability was identified in Cudy LT500E up to 2.3.12. Affected is an unknown function of... Low Unreviewed
CVE-2025-9725 was published Sep 5, 2025
PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials... Critical Unreviewed
CVE-2025-35452 was published Sep 5, 2025
Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed
CVE-2025-8857 was published Aug 29, 2025
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.  Critical Unreviewed
CVE-2024-28751 was published Jul 9, 2024
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart... Moderate Unreviewed
CVE-2023-40146 was published Apr 17, 2024
IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2025-33100 was published Aug 18, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by... Critical Unreviewed
CVE-2025-43982 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored... Moderate Unreviewed
CVE-2025-54465 was published Aug 13, 2025
This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within... Moderate Unreviewed
CVE-2025-55279 was published Aug 13, 2025
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed
CVE-2023-39482 was published May 3, 2024
SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If... Moderate Unreviewed
CVE-2025-26398 was published Aug 12, 2025
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if... Critical Unreviewed
CVE-2024-1039 was published Feb 2, 2024
Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed
CVE-2025-7768 was published Aug 6, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed
CVE-2025-51536 was published Aug 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database