Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,128 advisories

Loading
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed
CVE-2023-6409 was published Feb 14, 2024
A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)... Critical Unreviewed
CVE-2024-23816 was published Feb 13, 2024
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password... Moderate Unreviewed
CVE-2024-22313 was published Feb 10, 2024
An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via... Critical Unreviewed
CVE-2023-38995 was published Feb 7, 2024
D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account... Critical Unreviewed
CVE-2024-22853 was published Feb 6, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded... Critical Unreviewed
CVE-2024-21764 was published Feb 2, 2024
Multiple MachineSense devices have credentials unable to be changed by the user or... Critical Unreviewed
CVE-2023-46706 was published Feb 2, 2024
TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root... Critical Unreviewed
CVE-2024-24324 was published Jan 30, 2024
DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. Critical Unreviewed
CVE-2023-51840 was published Jan 29, 2024
Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed
CVE-2023-6482 was published Jan 27, 2024
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed
CVE-2024-23619 was published Jan 26, 2024
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed
CVE-2024-23453 was published Jan 24, 2024
An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION... Critical Unreviewed
CVE-2023-51200 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-23842 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-22770 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-22772 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-22769 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-22768 was published Jan 23, 2024
Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause... High Unreviewed
CVE-2024-22771 was published Jan 23, 2024
Ubee DDW365 XCNDDW365 and DDW366 XCNDXW3WB devices have predictable default WPA2 PSKs that could... High Unreviewed
CVE-2024-23726 was published Jan 21, 2024
Hard-coded credentials in org.folio:mod-data-export-spring Critical
CVE-2024-23687 was published for org.folio:mod-data-export-spring (Maven) Jan 20, 2024
Hard-coded credentials in org.folio:mod-remote-storage Moderate
CVE-2024-23685 was published for org.folio:mod-remote-storage (Maven) Jan 19, 2024
EverShop at risk to unauthorized access via weak HMAC secret High
CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024
The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded... Moderate Unreviewed
CVE-2023-28897 was published Jan 12, 2024
Root user password is hardcoded into the device and cannot be changed in the user interface. Critical Unreviewed
CVE-2023-49253 was published Jan 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database