GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,556

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,144 advisories

Filter by severity

Sort by

Least recently updated

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach... High Unreviewed

CVE-2024-29963 was published Apr 19, 2024

In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA... High Unreviewed

CVE-2024-29960 was published Apr 19, 2024

IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which... High Unreviewed

CVE-2024-31873 was published Apr 10, 2024

Azure AI Search Information Disclosure Vulnerability High Unreviewed

CVE-2024-29063 was published Apr 9, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been... Critical Unreviewed

CVE-2024-3272 was published Apr 4, 2024

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed

CVE-2024-3130 was published Apr 1, 2024

Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass... Critical Unreviewed

CVE-2024-2161 was published Mar 21, 2024

Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed

CVE-2024-2197 was published Mar 20, 2024

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed

CVE-2023-5456 was published Mar 5, 2024

A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719.... Low Unreviewed

CVE-2024-1661 was published Feb 20, 2024

Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability... Moderate Unreviewed

CVE-2024-1344 was published Feb 19, 2024

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed

CVE-2023-6255 was published Feb 15, 2024

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Unknown Unreviewed

CVE-2024-0390 was published Feb 15, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)... Critical Unreviewed

CVE-2024-23816 was published Feb 13, 2024

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password... Moderate Unreviewed

CVE-2024-22313 was published Feb 10, 2024

An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via... Critical Unreviewed

CVE-2023-38995 was published Feb 7, 2024

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account... Critical Unreviewed

CVE-2024-22853 was published Feb 6, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded... Critical Unreviewed

CVE-2024-21764 was published Feb 2, 2024

Multiple MachineSense devices have credentials unable to be changed by the user or... Critical Unreviewed

CVE-2023-46706 was published Feb 2, 2024

TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root... Critical Unreviewed

CVE-2024-24324 was published Jan 30, 2024

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. Critical Unreviewed

CVE-2023-51840 was published Jan 29, 2024

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed

CVE-2023-6482 was published Jan 27, 2024

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed

CVE-2024-23619 was published Jan 26, 2024

Previous 1 2 3 4 5 6 7 8 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,144 advisories