Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

430 advisories

Loading
Keycloak Build Process Exposes Sensitive Data High
CVE-2024-10451 was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 25, 2024
shawkins
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro... High Unreviewed
CVE-2024-52788 was published Nov 19, 2024
Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in ... High Unreviewed
CVE-2024-52789 was published Nov 19, 2024
Azure Stack HCI Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49060 was published Nov 15, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of... High Unreviewed
CVE-2024-7295 was published Nov 13, 2024
An attacker with local access to the medical office computer can access restricted functions of... High Unreviewed
CVE-2024-50593 was published Nov 8, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-28875 was published Oct 30, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-31151 was published Oct 30, 2024
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in ... High Unreviewed
CVE-2024-48192 was published Oct 17, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local... High Unreviewed
CVE-2024-28812 was published Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command... High Unreviewed
CVE-2024-8448 was published Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1... High Unreviewed
CVE-2024-8450 was published Sep 30, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat... High Unreviewed
CVE-2023-41612 was published Sep 18, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed
CVE-2024-45698 was published Sep 16, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read... High Unreviewed
CVE-2024-6656 was published Sep 13, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an... High Unreviewed
CVE-2024-39585 was published Sep 6, 2024
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed
CVE-2024-41161 was published Aug 8, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed
CVE-2024-5460 was published Jun 26, 2024
The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed
CVE-2024-36496 was published Jun 24, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed
CVE-2024-6045 was published Jun 17, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database