GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
537 advisories
Filter by severity
Password reset tokens are generated using an insecure source of randomness. Attackers who know...
Critical
Unreviewed
CVE-2024-6890
was published
Aug 8, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as...
Critical
Unreviewed
CVE-2024-7332
was published
Aug 1, 2024
D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet...
Critical
Unreviewed
CVE-2024-41610
was published
Jul 30, 2024
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded...
Critical
Unreviewed
CVE-2024-41611
was published
Jul 30, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to...
Critical
Unreviewed
CVE-2024-6912
was published
Jul 22, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
Critical
Unreviewed
CVE-2024-35338
was published
Jul 16, 2024
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS...
Critical
Unreviewed
CVE-2024-28747
was published
Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical
Unreviewed
CVE-2023-46685
was published
Jul 8, 2024
mySCADA myPRO
uses a hard-coded password which could allow an attacker to remotely execute code...
Critical
Unreviewed
CVE-2024-4708
was published
Jul 3, 2024
Hardcoded credentials are discovered within the application's source code, creating a potential...
Critical
Unreviewed
CVE-2023-41919
was published
Jul 2, 2024
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials.
Critical
Unreviewed
CVE-2024-39208
was published
Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account...
Critical
Unreviewed
CVE-2024-39374
was published
Jun 27, 2024
Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User...
Critical
Unreviewed
CVE-2023-6198
was published
Jun 25, 2024
Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier...
Critical
Unreviewed
CVE-2024-36480
was published
Jun 19, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password.
Critical
Unreviewed
CVE-2024-38466
was published
Jun 16, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3700
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-1228
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3699
was published
Jun 10, 2024
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in ...
Critical
Unreviewed
CVE-2024-36782
was published
Jun 3, 2024
Hard-coded credentials are used by the
CyberPower PowerPanel
platform to authenticate to the ...
Critical
Unreviewed
CVE-2024-32053
was published
May 15, 2024
Weak account password in GE HealthCare EchoPAC products
Critical
Unreviewed
CVE-2024-27107
was published
May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32740
was published
May 14, 2024
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass...
Critical
Unreviewed
CVE-2023-44411
was published
May 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been...
Critical
Unreviewed
CVE-2024-3272
was published
Apr 4, 2024
Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass...
Critical
Unreviewed
CVE-2024-2161
was published
Mar 21, 2024
ProTip!
Advisories are also available from the
GraphQL API