GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
71 advisories
Filter by severity
runofast Indoor Security Camera for Baby Monitor has a default password of password for the root...
Moderate
Unreviewed
CVE-2024-46959
was published
Sep 18, 2024
Loftware Spectrum before 4.6 HF14 uses a Hard-coded Password.
Critical
Unreviewed
CVE-2023-37231
was published
Sep 10, 2024
A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220....
Critical
Unreviewed
CVE-2024-8580
was published
Sep 8, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an...
High
Unreviewed
CVE-2024-39585
was published
Sep 6, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P...
Moderate
Unreviewed
CVE-2024-31798
was published
Aug 15, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
High
Unreviewed
CVE-2024-41616
was published
Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
High
Unreviewed
CVE-2024-38885
was published
Aug 2, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as...
Critical
Unreviewed
CVE-2024-7332
was published
Aug 1, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic....
Low
Unreviewed
CVE-2024-7216
was published
Jul 30, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This...
Moderate
Unreviewed
CVE-2024-7170
was published
Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as...
Moderate
Unreviewed
CVE-2024-7159
was published
Jul 28, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as...
Low
Unreviewed
CVE-2024-7155
was published
Jul 28, 2024
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have...
High
Unreviewed
CVE-2024-39345
was published
Jul 24, 2024
ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key.
Critical
Unreviewed
CVE-2024-36526
was published
Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical
Unreviewed
CVE-2023-46685
was published
Jul 8, 2024
mySCADA myPRO
uses a hard-coded password which could allow an attacker to remotely execute code...
Critical
Unreviewed
CVE-2024-4708
was published
Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-38902
was published
Jun 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock...
High
Unreviewed
CVE-2024-5275
was published
Jun 18, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to...
Critical
Unreviewed
CVE-2024-34539
was published
Jun 14, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability...
High
Unreviewed
CVE-2024-37644
was published
Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see...
High
Unreviewed
CVE-2024-27164
was published
Jun 14, 2024
A vulnerability exists in the message queueing mechanism that if
exploited can lead to the...
Moderate
Unreviewed
CVE-2024-28023
was published
Jun 11, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ...
Critical
Unreviewed
CVE-2024-34025
was published
May 15, 2024
CyberPower PowerPanel business
application code contains a hard-coded JWT signing key. This...
Critical
Unreviewed
CVE-2024-33625
was published
May 15, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.
Moderate
Unreviewed
CVE-2024-33867
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API