Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,093 advisories

Loading
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as... Low Unreviewed
CVE-2024-7155 was published Jul 28, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to... Critical Unreviewed
CVE-2024-6912 was published Jul 22, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed
CVE-2024-35338 was published Jul 16, 2024
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS... Critical Unreviewed
CVE-2024-28747 was published Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed
CVE-2023-46685 was published Jul 8, 2024
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
Hardcoded credentials are discovered within the application's source code, creating a potential... Critical Unreviewed
CVE-2023-41919 was published Jul 2, 2024
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. Critical Unreviewed
CVE-2024-39208 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account... Critical Unreviewed
CVE-2024-39374 was published Jun 27, 2024
A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass... Unknown Unreviewed
CVE-2024-33329 was published Jun 26, 2024
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed
CVE-2024-5460 was published Jun 26, 2024
Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User... Critical Unreviewed
CVE-2023-6198 was published Jun 25, 2024
The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed
CVE-2024-36496 was published Jun 24, 2024
Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier... Critical Unreviewed
CVE-2024-36480 was published Jun 19, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed
CVE-2024-6045 was published Jun 17, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. Critical Unreviewed
CVE-2024-38466 was published Jun 16, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27159 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27160 was published Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed
CVE-2024-27161 was published Jun 14, 2024
D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2024-37630 was published Jun 13, 2024
ProTip! Advisories are also available from the GraphQL API