Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

159 advisories

Loading
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between... Moderate Unreviewed
CVE-2024-45165 was published Aug 22, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with... Moderate Unreviewed
CVE-2024-20280 was published Oct 16, 2024
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may... Moderate Unreviewed
CVE-2023-39982 was published Sep 2, 2023
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in... Moderate Unreviewed
CVE-2024-5764 was published Oct 23, 2024
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded... Moderate Unreviewed
CVE-2024-4740 was published Oct 18, 2024
Certain switch models from PLANET Technology have a Hard-coded Credential in the password... Moderate Unreviewed
CVE-2024-8449 was published Sep 30, 2024
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2024-23958 was published Sep 28, 2024
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for... Moderate Unreviewed
CVE-2023-43583 was published Dec 14, 2023
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential... Moderate Unreviewed
CVE-2024-28990 was published Sep 12, 2024
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique... Moderate Unreviewed
CVE-2024-33895 was published Aug 2, 2024
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by... Moderate Unreviewed
CVE-2024-35118 was published Aug 29, 2024
A vulnerability classified as critical has been found in Go-Tribe gotribe up to... Moderate Unreviewed
CVE-2024-8135 was published Aug 25, 2024
A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-8005 was published Aug 20, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed
CVE-2024-31798 was published Aug 15, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed
CVE-2024-27161 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27159 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27160 was published Jun 14, 2024
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite... Moderate Unreviewed
CVE-2024-22813 was published Apr 22, 2024
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed
CVE-2021-41320 was published May 24, 2022
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2023-39458 was published May 3, 2024
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2023-34284 was published May 3, 2024
Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed
CVE-2019-13399 was published May 24, 2022
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup... Moderate Unreviewed
CVE-2019-6693 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database