Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

76 advisories

Loading
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed
CVE-2023-23771 was published Aug 29, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed
CVE-2023-23770 was published Aug 29, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed
CVE-2023-41030 was published Sep 18, 2023
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This... Moderate Unreviewed
CVE-2023-5222 was published Sep 27, 2023
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed
CVE-2023-41713 was published Oct 18, 2023
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3... Low Unreviewed
CVE-2023-28895 was published Dec 1, 2023
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2023-50948 was published Jan 8, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded... High Unreviewed
CVE-2024-27774 was published Mar 18, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed
CVE-2024-2197 was published Mar 20, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-26196 was published Mar 21, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,... Critical Unreviewed
CVE-2024-28010 was published Mar 28, 2024
Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote... Critical Unreviewed
CVE-2024-27488 was published Apr 8, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed
CVE-2024-21990 was published Apr 17, 2024
DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-coded password that could... High Unreviewed
CVE-2023-49963 was published Apr 19, 2024
The LoMag WareHouse Management application version 1.0.20.120 and older were to utilize hard... Moderate Unreviewed
CVE-2024-32210 was published May 1, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability... High Unreviewed
CVE-2024-29011 was published May 1, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2023-51629 was published May 3, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ... Unknown Unreviewed
CVE-2024-31810 was published May 14, 2024
TOTOLINK CP450 v4.1.0cu.747_B20191224 was discovered to contain a hardcoded password... High Unreviewed
CVE-2024-34211 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32741 was published May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt. Moderate Unreviewed
CVE-2024-33867 was published May 14, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ... Critical Unreviewed
CVE-2024-34025 was published May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This... Critical Unreviewed
CVE-2024-33625 was published May 15, 2024
A vulnerability exists in the message queueing mechanism that if exploited can lead to the... Moderate Unreviewed
CVE-2024-28023 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database