Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15 advisories

Loading
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the... Low Unreviewed
CVE-2020-25168 was published Apr 15, 2022
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption... Low Unreviewed
CVE-2020-6857 was published May 24, 2022
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of... Low Unreviewed
CVE-2019-5139 was published May 24, 2022
A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in... Low Unreviewed
CVE-2020-7515 was published May 24, 2022
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were... Low Unreviewed
CVE-2020-25688 was published May 24, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4... Low Unreviewed
CVE-2018-5552 was published May 13, 2022
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical... Low Unreviewed
CVE-2022-32967 was published Nov 29, 2022
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service... Low Unreviewed
CVE-2022-0131 was published Jan 18, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could... Low Unreviewed
CVE-2019-4309 was published May 24, 2022
There is an improper authentication vulnerability in Pandora FMS v764. The application verifies... Low Unreviewed
CVE-2022-43978 was published Jan 28, 2023
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3... Low Unreviewed
CVE-2023-28895 was published Dec 1, 2023
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719.... Low Unreviewed
CVE-2024-1661 was published Feb 20, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as... Low Unreviewed
CVE-2024-7155 was published Jul 28, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A... Low Unreviewed
CVE-2024-39582 was published Sep 10, 2024
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,... Low Unreviewed
CVE-2023-20512 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database