Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,145 advisories

Loading
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique... Moderate Unreviewed
CVE-2024-33895 was published Aug 2, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed
CVE-2024-6890 was published Aug 8, 2024
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed
CVE-2024-41161 was published Aug 8, 2024
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,... Low Unreviewed
CVE-2023-20512 was published Aug 13, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed
CVE-2024-31798 was published Aug 15, 2024
H3C R3010 v100R002L02 was discovered to contain a hardcoded password vulnerability in /etc/shadow... Critical Unreviewed
CVE-2024-42637 was published Aug 16, 2024
H3C Magic B1ST v100R012 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-42638 was published Aug 16, 2024
A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-8005 was published Aug 20, 2024
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability,... Critical Unreviewed
CVE-2024-28987 was published Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between... Moderate Unreviewed
CVE-2024-45165 was published Aug 22, 2024
A vulnerability classified as critical has been found in Go-Tribe gotribe up to... Moderate Unreviewed
CVE-2024-8135 was published Aug 25, 2024
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207.... Critical Unreviewed
CVE-2024-8162 was published Aug 26, 2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are... Critical Unreviewed
CVE-2024-6633 was published Aug 27, 2024
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by... Moderate Unreviewed
CVE-2024-35118 was published Aug 29, 2024
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2024-20439 was published Sep 4, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A... Low Unreviewed
CVE-2024-39582 was published Sep 10, 2024
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential... Moderate Unreviewed
CVE-2024-28990 was published Sep 12, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed
CVE-2024-6656 was published Sep 13, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed
CVE-2024-45698 was published Sep 16, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed
CVE-2023-41612 was published Sep 18, 2024
Dragonfly2 has hard coded cyptographic key Critical
CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024
cokeBeer
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database