Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

31 advisories

Loading
A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,... Critical Unreviewed
CVE-2024-20412 was published Oct 23, 2024
FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114... Critical Unreviewed
CVE-2024-25825 was published Oct 9, 2024
The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user... Critical Unreviewed
CVE-2024-43423 was published Sep 25, 2024
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password. Critical Unreviewed
CVE-2023-37231 was published Sep 10, 2024
A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220.... Critical Unreviewed
CVE-2024-8580 was published Sep 8, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key. Critical Unreviewed
CVE-2024-36526 was published Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed
CVE-2023-46685 was published Jul 8, 2024
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-38902 was published Jun 24, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to... Critical Unreviewed
CVE-2024-34539 was published Jun 14, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ... Critical Unreviewed
CVE-2024-34025 was published May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This... Critical Unreviewed
CVE-2024-33625 was published May 15, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32741 was published May 14, 2024
Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote... Critical Unreviewed
CVE-2024-27488 was published Apr 8, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,... Critical Unreviewed
CVE-2024-28010 was published Mar 28, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed
CVE-2024-2197 was published Mar 20, 2024
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed
CVE-2023-23770 was published Aug 29, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2... Critical Unreviewed
CVE-2022-45444 was published Jul 6, 2023
A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is... Critical Unreviewed
CVE-2023-2645 was published May 11, 2023
A vulnerability classified as critical has been found in Netis Netcore Router. This affects an... Critical Unreviewed
CVE-2018-25069 was published Jan 7, 2023
A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected... Critical Unreviewed
CVE-2014-125030 was published Jan 1, 2023
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an... Critical Unreviewed
CVE-2022-41653 was published Dec 14, 2022
A hard-coded password vulnerability exists in the libcommonprod.so prod_change_root_passwd... Critical Unreviewed
CVE-2022-22144 was published Aug 6, 2022
The Motorola ACE1000 RTU through 2022-05-02 ships with a hardcoded SSH private key and... Critical Unreviewed
CVE-2022-30271 was published Jul 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database