GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
71 advisories
Filter by severity
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32741
was published
May 14, 2024
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password...
High
Unreviewed
CVE-2024-34211
was published
May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ...
Unknown
Unreviewed
CVE-2024-31810
was published
May 14, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2023-51629
was published
May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-32145
was published
May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability...
High
Unreviewed
CVE-2024-29011
was published
May 1, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard...
Moderate
Unreviewed
CVE-2024-32210
was published
May 1, 2024
DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-coded password that could...
High
Unreviewed
CVE-2023-49963
was published
Apr 19, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x,
9.13.1.x and 9.14.1.x contain hard...
Moderate
Unreviewed
CVE-2024-21990
was published
Apr 17, 2024
Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote...
Critical
Unreviewed
CVE-2024-27488
was published
Apr 8, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,...
Critical
Unreviewed
CVE-2024-28010
was published
Mar 28, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-26196
was published
Mar 21, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing...
Critical
Unreviewed
CVE-2024-2197
was published
Mar 20, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-259: Use of Hard-coded...
High
Unreviewed
CVE-2024-27774
was published
Mar 18, 2024
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2023-50948
was published
Jan 8, 2024
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3...
Low
Unreviewed
CVE-2023-28895
was published
Dec 1, 2023
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
High
Unreviewed
CVE-2023-41713
was published
Oct 18, 2023
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This...
Moderate
Unreviewed
CVE-2023-5222
was published
Sep 27, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated...
Moderate
Unreviewed
CVE-2023-41030
was published
Sep 18, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site...
Critical
Unreviewed
CVE-2023-23770
was published
Aug 29, 2023
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man...
High
Unreviewed
CVE-2023-23771
was published
Aug 29, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2...
Critical
Unreviewed
CVE-2022-45444
was published
Jul 6, 2023
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects...
Moderate
Unreviewed
CVE-2023-3237
was published
Jun 14, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-2061
was published
Jun 2, 2023
This vulnerability enables ssh access to minikube container using a default password.
High
Unreviewed
CVE-2023-1944
was published
May 24, 2023
ProTip!
Advisories are also available from the
GraphQL API