GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,150 advisories
Filter by severity
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27159
was published
Jun 14, 2024
D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc...
High
Unreviewed
CVE-2024-37630
was published
Jun 13, 2024
An attacker can access the maintenance console using hard coded credentials for a hidden wireless...
High
Unreviewed
CVE-2024-38281
was published
Jun 13, 2024
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege...
High
Unreviewed
CVE-2024-0865
was published
Jun 12, 2024
Apache Submarine Commons Utils has a hard-coded secret
Moderate
CVE-2024-36264
was published
for
apache-submarine
(Maven)
Jun 12, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3699
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-1228
was published
Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive...
Critical
Unreviewed
CVE-2024-3700
was published
Jun 10, 2024
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public...
High
Unreviewed
CVE-2023-49222
was published
Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive...
High
Unreviewed
CVE-2023-49223
was published
Jun 7, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the...
High
Unreviewed
CVE-2023-49224
was published
Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local...
High
Unreviewed
CVE-2023-49221
was published
Jun 7, 2024
Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials...
High
Unreviewed
CVE-2024-29170
was published
Jun 4, 2024
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in ...
Critical
Unreviewed
CVE-2024-36782
was published
Jun 3, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to...
High
Unreviewed
CVE-2024-32988
was published
May 22, 2024
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5...
High
Unreviewed
CVE-2024-4844
was published
May 16, 2024
Hard-coded credentials are used by the
CyberPower PowerPanel
platform to authenticate to the ...
Critical
Unreviewed
CVE-2024-32053
was published
May 15, 2024
Weak account password in GE HealthCare EchoPAC products
Critical
Unreviewed
CVE-2024-27107
was published
May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32740
was published
May 14, 2024
TOTOLINK CP450 V4.1.0cu.747_B20191224 was discovered to contain a vulnerability in the...
High
Unreviewed
CVE-2024-34219
was published
May 14, 2024
The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication...
High
Unreviewed
CVE-2024-23473
was published
May 14, 2024
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST...
High
Unreviewed
CVE-2023-26566
was published
May 14, 2024
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation...
High
Unreviewed
CVE-2023-51588
was published
May 3, 2024
D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass...
Critical
Unreviewed
CVE-2023-44411
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API