GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
552 advisories
Filter by severity
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/...
Critical
Unreviewed
CVE-2018-17558
was published
Oct 27, 2023
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
Critical
Unreviewed
CVE-2023-42492
was published
Oct 25, 2023
Sureness uses hardcoded key
Critical
CVE-2023-31581
was published
for
com.usthe.sureness:sureness-core
(Maven)
Oct 25, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2022-22466
was published
Oct 23, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or...
Critical
Unreviewed
CVE-2023-33836
was published
Oct 16, 2023
All versions of the qBittorrent client through 4.5.5 use default credentials when the web user...
Critical
Unreviewed
CVE-2023-30801
was published
Oct 10, 2023
Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information...
Critical
Unreviewed
CVE-2023-2306
was published
Oct 5, 2023
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20101
was published
Oct 4, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation...
Critical
Unreviewed
CVE-2023-2809
was published
Oct 4, 2023
Use of a static key to protect a JWT token used in user authentication can allow an for an...
Critical
Unreviewed
CVE-2023-5074
was published
Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Devices ekorCCP and ekorRCI are vulnerable due to access to the...
Critical
Unreviewed
CVE-2022-47558
was published
Sep 19, 2023
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-42336
was published
Sep 16, 2023
i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default...
Critical
Unreviewed
CVE-2023-37755
was published
Sep 14, 2023
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates...
Critical
Unreviewed
CVE-2023-39422
was published
Sep 7, 2023
A hard coded password in Super Store Finder v3.6 allows attackers to access the administration...
Critical
Unreviewed
CVE-2023-41508
was published
Sep 5, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site...
Critical
Unreviewed
CVE-2023-23770
was published
Aug 29, 2023
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An...
Critical
Unreviewed
CVE-2023-38026
was published
Aug 28, 2023
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded...
Critical
Unreviewed
CVE-2023-38024
was published
Aug 28, 2023
N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which...
Critical
Unreviewed
CVE-2023-39808
was published
Aug 21, 2023
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential...
Critical
Unreviewed
CVE-2023-4204
was published
Aug 16, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to...
Critical
Unreviewed
CVE-2023-3264
was published
Aug 14, 2023
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's...
Critical
Unreviewed
CVE-2023-33372
was published
Aug 4, 2023
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and...
Critical
Unreviewed
CVE-2023-33371
was published
Aug 3, 2023
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials
Critical
Unreviewed
CVE-2023-37215
was published
Jul 30, 2023
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
Critical
Unreviewed
CVE-2023-32227
was published
Jul 30, 2023
ProTip!
Advisories are also available from the
GraphQL API