Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,120 advisories

Loading
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. Critical Unreviewed
CVE-2024-38466 was published Jun 16, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed
CVE-2024-6045 was published Jun 17, 2024
Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier... Critical Unreviewed
CVE-2024-36480 was published Jun 19, 2024
The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed
CVE-2024-36496 was published Jun 24, 2024
Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User... Critical Unreviewed
CVE-2023-6198 was published Jun 25, 2024
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed
CVE-2024-5460 was published Jun 26, 2024
A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass... Unknown Unreviewed
CVE-2024-33329 was published Jun 26, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account... Critical Unreviewed
CVE-2024-39374 was published Jun 27, 2024
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. Critical Unreviewed
CVE-2024-39208 was published Jun 27, 2024
Hardcoded credentials are discovered within the application's source code, creating a potential... Critical Unreviewed
CVE-2023-41919 was published Jul 2, 2024
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed
CVE-2023-46685 was published Jul 8, 2024
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS... Critical Unreviewed
CVE-2024-28747 was published Jul 9, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed
CVE-2024-35338 was published Jul 16, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to... Critical Unreviewed
CVE-2024-6912 was published Jul 22, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as... Low Unreviewed
CVE-2024-7155 was published Jul 28, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet... Critical Unreviewed
CVE-2024-41610 was published Jul 30, 2024
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded... Critical Unreviewed
CVE-2024-41611 was published Jul 30, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique... Moderate Unreviewed
CVE-2024-33895 was published Aug 2, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
ProTip! Advisories are also available from the GraphQL API