GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,169 advisories
Filter by severity
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded...
Moderate
Unreviewed
CVE-2024-4740
was published
Oct 18, 2024
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in ...
High
Unreviewed
CVE-2024-48192
was published
Oct 17, 2024
A vulnerability in the .sdd file allows an attacker to read default passwords stored in plain...
Critical
Unreviewed
CVE-2024-10025
was published
Oct 17, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with...
Moderate
Unreviewed
CVE-2024-20280
was published
Oct 16, 2024
VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder
Moderate
CVE-2024-9594
was published
for
github.com/kubernetes-sigs/image-builder
(Go)
Oct 15, 2024
VM images built with Image Builder and Proxmox provider use default credentials in github.com/kubernetes-sigs/image-builder
Critical
CVE-2024-9486
was published
for
github.com/kubernetes-sigs/image-builder
(Go)
Oct 15, 2024
The devices contain two hard coded user accounts with hardcoded passwords that allow an...
Critical
Unreviewed
CVE-2024-45275
was published
Oct 15, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local...
High
Unreviewed
CVE-2024-28812
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1...
High
Unreviewed
CVE-2024-8450
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded Credential in the password...
Moderate
Unreviewed
CVE-2024-8449
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command...
High
Unreviewed
CVE-2024-8448
was published
Sep 30, 2024
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass...
Moderate
Unreviewed
CVE-2024-23958
was published
Sep 28, 2024
The web application for ProGauge MAGLINK LX4 CONSOLE contains an
administrative-level user...
Critical
Unreviewed
CVE-2024-43423
was published
Sep 25, 2024
Kastle Systems firmware prior to May 1, 2024, contained a hard-coded credential, which if...
Critical
Unreviewed
CVE-2024-45861
was published
Sep 19, 2024
Dragonfly2 has hard coded cyptographic key
Critical
CVE-2023-27584
was published
for
d7y.io/dragonfly/v2
(Go)
Sep 19, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat...
High
Unreviewed
CVE-2023-41612
was published
Sep 18, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High
Unreviewed
CVE-2024-45698
was published
Sep 16, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read...
High
Unreviewed
CVE-2024-6656
was published
Sep 13, 2024
SolarWinds Access Rights Manager (ARM) was found to contain a hard-coded credential...
Moderate
Unreviewed
CVE-2024-28990
was published
Sep 12, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A...
Low
Unreviewed
CVE-2024-39582
was published
Sep 10, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an...
High
Unreviewed
CVE-2024-39585
was published
Sep 6, 2024
A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker...
Critical
Unreviewed
CVE-2024-20439
was published
Sep 4, 2024
IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by...
Moderate
Unreviewed
CVE-2024-35118
was published
Aug 29, 2024
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are...
Critical
Unreviewed
CVE-2024-6633
was published
Aug 27, 2024
A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207....
Critical
Unreviewed
CVE-2024-8162
was published
Aug 26, 2024
ProTip!
Advisories are also available from the
GraphQL API