Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,145 advisories

Loading
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-3699 was published Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-3700 was published Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-1228 was published Jun 10, 2024
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public... High Unreviewed
CVE-2023-49222 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-49223 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed
CVE-2023-49224 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local... High Unreviewed
CVE-2023-49221 was published Jun 7, 2024
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials... High Unreviewed
CVE-2024-29170 was published Jun 4, 2024
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-36782 was published Jun 3, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to... High Unreviewed
CVE-2024-32988 was published May 22, 2024
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5... High Unreviewed
CVE-2024-4844 was published May 16, 2024
Hard-coded credentials are used by the  CyberPower PowerPanel platform to authenticate to the ... Critical Unreviewed
CVE-2024-32053 was published May 15, 2024
Weak account password in GE HealthCare EchoPAC products Critical Unreviewed
CVE-2024-27107 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32740 was published May 14, 2024
TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the... High Unreviewed
CVE-2024-34219 was published May 14, 2024
The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication... High Unreviewed
CVE-2024-23473 was published May 14, 2024
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST... High Unreviewed
CVE-2023-26566 was published May 14, 2024
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation... High Unreviewed
CVE-2023-51588 was published May 3, 2024
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass... Critical Unreviewed
CVE-2023-44411 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2023-39458 was published May 3, 2024
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This... High Unreviewed
CVE-2023-35724 was published May 3, 2024
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2023-34284 was published May 3, 2024
Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address... High Unreviewed
CVE-2024-3544 was published May 2, 2024
In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server... High Unreviewed
CVE-2023-52723 was published Apr 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database