GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

43 advisories

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure ...
Critical | Unreviewed | CVE-2025-20286 was published Jun 4, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Default Credentials...
Critical | Unreviewed | CVE-2025-30115 was published Mar 18, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application 20.0...
Critical | Unreviewed | CVE-2025-27638 was published Mar 5, 2025

A CWE-259 "Use of Hard-coded Password" for the root account in Q-Free MaxTime less than or equal...
Critical | Unreviewed | CVE-2025-1100 was published Feb 12, 2025

Use of a hard-coded password for a database administrator account created during Wapro ERP...
Critical | Unreviewed | CVE-2024-4996 was published Dec 18, 2024

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,...
Critical | Unreviewed | CVE-2024-20412 was published Oct 23, 2024

FydeOS for PC 17.1 R114, FydeOS for VMware 17.0 R114, FydeOS for You 17.1 R114, and OpenFyde R114...
Critical | Unreviewed | CVE-2024-25825 was published Oct 9, 2024

The web application for ProGauge MAGLINK LX4 CONSOLE contains an administrative-level user...
Critical | Unreviewed | CVE-2024-43423 was published Sep 25, 2024

Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
Critical | Unreviewed | CVE-2023-37231 was published Sep 10, 2024

A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220....
Critical | Unreviewed | CVE-2024-8580 was published Sep 8, 2024

H3C GR1100-P v100R009 was discovered to use a hardcoded password in /etc/shadow, which allows...
Critical | Unreviewed | CVE-2024-42639 was published Aug 16, 2024

A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as...
Critical | Unreviewed | CVE-2024-7332 was published Aug 1, 2024

ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key.
Critical | Unreviewed | CVE-2024-36526 was published Jul 9, 2024

A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical | Unreviewed | CVE-2023-46685 was published Jul 8, 2024

mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code...
Critical | Unreviewed | CVE-2024-4708 was published Jul 3, 2024

H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc...
Critical | Unreviewed | CVE-2024-38902 was published Jun 24, 2024

Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to...
Critical | Unreviewed | CVE-2024-34539 was published Jun 14, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical | Unreviewed | CVE-2024-3699 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical | Unreviewed | CVE-2024-3700 was published Jun 10, 2024

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical | Unreviewed | CVE-2024-1228 was published Jun 10, 2024

CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This...
Critical | Unreviewed | CVE-2024-33625 was published May 15, 2024

CyberPower PowerPanel business application code contains a hard-coded set of authentication ...
Critical | Unreviewed | CVE-2024-34025 was published May 15, 2024

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical | Unreviewed | CVE-2024-32741 was published May 14, 2024

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ...
Critical | Unreviewed | CVE-2024-31810 was published May 14, 2024

Incorrect Access Control vulnerability in ZLMediaKit versions 1.0 through 8.0, allows remote...
Critical | Unreviewed | CVE-2024-27488 was published Apr 8, 2024

ProTip! Advisories are also available from the GraphQL API