GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,167 advisories

Filter by severity

Sort by

Least recently updated

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been... Critical Unreviewed

CVE-2024-3272 was published Apr 4, 2024

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed

CVE-2024-3130 was published Apr 1, 2024

Use of Hard-coded Credentials in Kiloview NDI allows un-authenticated users to bypass... Critical Unreviewed

CVE-2024-2161 was published Mar 21, 2024

Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed

CVE-2024-2197 was published Mar 20, 2024

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed

CVE-2023-5456 was published Mar 5, 2024

A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719.... Low Unreviewed

CVE-2024-1661 was published Feb 20, 2024

Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability... Moderate Unreviewed

CVE-2024-1344 was published Feb 19, 2024

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed

CVE-2023-6255 was published Feb 15, 2024

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Unknown Unreviewed

CVE-2024-0390 was published Feb 15, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)... Critical Unreviewed

CVE-2024-23816 was published Feb 13, 2024

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password... Moderate Unreviewed

CVE-2024-22313 was published Feb 10, 2024

An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via... Critical Unreviewed

CVE-2023-38995 was published Feb 7, 2024

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account... Critical Unreviewed

CVE-2024-22853 was published Feb 6, 2024

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded... Critical Unreviewed

CVE-2024-21764 was published Feb 2, 2024

Multiple MachineSense devices have credentials unable to be changed by the user or... Critical Unreviewed

CVE-2023-46706 was published Feb 2, 2024

TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root... Critical Unreviewed

CVE-2024-24324 was published Jan 30, 2024

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key. Critical Unreviewed

CVE-2023-51840 was published Jan 29, 2024

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed

CVE-2023-6482 was published Jan 27, 2024

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,... Critical Unreviewed

CVE-2024-23619 was published Jan 26, 2024

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed

CVE-2024-23453 was published Jan 24, 2024

An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION... Critical Unreviewed

CVE-2023-51200 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-23842 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22769 was published Jan 23, 2024

Previous 1 2 3 4 5 6 7 8 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,167 advisories