GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,480

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,144 advisories

Filter by severity

Sort by

Least recently updated

Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed

CVE-2024-35338 was published Jul 16, 2024

An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS... Critical Unreviewed

CVE-2024-28747 was published Jul 9, 2024

A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed

CVE-2023-46685 was published Jul 8, 2024

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed

CVE-2024-4708 was published Jul 3, 2024

Hardcoded credentials are discovered within the application's source code, creating a potential... Critical Unreviewed

CVE-2023-41919 was published Jul 2, 2024

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an... Moderate Unreviewed

CVE-2024-38480 was published Jul 1, 2024

luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. Critical Unreviewed

CVE-2024-39208 was published Jun 27, 2024

TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account... Critical Unreviewed

CVE-2024-39374 was published Jun 27, 2024

A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass... Unknown Unreviewed

CVE-2024-33329 was published Jun 26, 2024

A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed

CVE-2024-5460 was published Jun 26, 2024

Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User... Critical Unreviewed

CVE-2023-6198 was published Jun 25, 2024

The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed

CVE-2024-36496 was published Jun 24, 2024

Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier... Critical Unreviewed

CVE-2024-36480 was published Jun 19, 2024

Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed

CVE-2024-6045 was published Jun 17, 2024

Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. Critical Unreviewed

CVE-2024-38466 was published Jun 16, 2024

It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed

CVE-2024-27170 was published Jun 14, 2024

It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed

CVE-2024-27168 was published Jun 14, 2024

all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed

CVE-2024-27161 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27159 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27160 was published Jun 14, 2024

D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed

CVE-2024-37630 was published Jun 13, 2024

An attacker can access the maintenance console using hard coded credentials for a hidden wireless... High Unreviewed

CVE-2024-38281 was published Jun 13, 2024

CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege... High Unreviewed

CVE-2024-0865 was published Jun 12, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-3700 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed

CVE-2024-1228 was published Jun 10, 2024

Previous 1 2 3 4 5 6 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,144 advisories