GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,093 advisories

Filter by severity

Sort by

Least recently updated

Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if... Critical Unreviewed

CVE-2024-45861 was published Sep 19, 2024

Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed

CVE-2023-41612 was published Sep 18, 2024

Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed

CVE-2024-45698 was published Sep 16, 2024

Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed

CVE-2024-6656 was published Sep 13, 2024

SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential... Moderate Unreviewed

CVE-2024-28990 was published Sep 12, 2024

Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A... Low Unreviewed

CVE-2024-39582 was published Sep 10, 2024

Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed

CVE-2024-39585 was published Sep 6, 2024

A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... Critical Unreviewed

CVE-2024-20439 was published Sep 4, 2024

IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by... Moderate Unreviewed

CVE-2024-35118 was published Aug 29, 2024

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are... Critical Unreviewed

CVE-2024-6633 was published Aug 27, 2024

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207.... Critical Unreviewed

CVE-2024-8162 was published Aug 26, 2024

A vulnerability classified as critical has been found in Go-Tribe gotribe up to... Moderate Unreviewed

CVE-2024-8135 was published Aug 25, 2024

The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability,... Critical Unreviewed

CVE-2024-28987 was published Aug 22, 2024

A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-8005 was published Aug 20, 2024

H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed

CVE-2024-42638 was published Aug 16, 2024

H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow... Critical Unreviewed

CVE-2024-42637 was published Aug 16, 2024

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed

CVE-2024-31798 was published Aug 15, 2024

Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed

CVE-2024-41161 was published Aug 8, 2024

Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed

CVE-2024-6890 was published Aug 8, 2024

D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed

CVE-2024-41616 was published Aug 6, 2024

ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed

CVE-2024-39838 was published Aug 5, 2024

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique... Moderate Unreviewed

CVE-2024-33895 was published Aug 2, 2024

A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed

CVE-2024-7332 was published Aug 1, 2024

D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet... Critical Unreviewed

CVE-2024-41610 was published Jul 30, 2024

In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded... Critical Unreviewed

CVE-2024-41611 was published Jul 30, 2024

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,093 advisories