GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,144 advisories
Filter by severity
Use of a hard-coded password for a database administrator account created during Wapro ERP...
Critical
Unreviewed
CVE-2024-4996
was published
Dec 18, 2024
ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric...
Critical
Unreviewed
CVE-2024-55557
was published
Dec 16, 2024
The application uses several hard-coded credentials to encrypt config files during backup, to...
High
Unreviewed
CVE-2024-28146
was published
Dec 12, 2024
Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc...
High
Unreviewed
CVE-2024-54749
was published
Dec 6, 2024
Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow...
Critical
Unreviewed
CVE-2024-54750
was published
Dec 6, 2024
A vulnerability in the SonicWall SMA100 SSLVPN
firmware 10.2.1.13-72sv and earlier versions...
Moderate
Unreviewed
CVE-2024-45319
was published
Dec 5, 2024
A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive...
Moderate
Unreviewed
CVE-2024-53614
was published
Dec 4, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
contains hard-coded credentials, such as a...
High
Unreviewed
CVE-2024-41777
was published
Dec 3, 2024
Ever Traduora 0.20.0 and below is vulnerable to Privilege Escalation due to the use of a hard...
Critical
Unreviewed
CVE-2024-53484
was published
Dec 2, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.8
contains hard-coded credentials,...
Critical
Unreviewed
CVE-2024-49805
was published
Nov 29, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.8
contains hard-coded credentials,...
Critical
Unreviewed
CVE-2024-49806
was published
Nov 29, 2024
There are several hidden accounts. Some of them are intended for maintenance engineers, and with...
Critical
Unreviewed
CVE-2024-35244
was published
Nov 26, 2024
API keys for some cloud services are hardcoded in the "main" binary. As for the details of...
Critical
Unreviewed
CVE-2024-36248
was published
Nov 26, 2024
Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows...
Critical
Unreviewed
CVE-2023-51638
was published
Nov 22, 2024
The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is...
Critical
Unreviewed
CVE-2024-42450
was published
Nov 19, 2024
Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in ...
High
Unreviewed
CVE-2024-52789
was published
Nov 19, 2024
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro...
High
Unreviewed
CVE-2024-52788
was published
Nov 19, 2024
Azure Stack HCI Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49060
was published
Nov 15, 2024
The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical
Unreviewed
CVE-2024-48971
was published
Nov 15, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded...
Moderate
Unreviewed
CVE-2024-40410
was published
Nov 14, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of...
High
Unreviewed
CVE-2024-7295
was published
Nov 13, 2024
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated...
Moderate
Unreviewed
CVE-2024-11026
was published
Nov 9, 2024
An attacker with local access to the medical office computer can
access restricted functions of...
High
Unreviewed
CVE-2024-50593
was published
Nov 8, 2024
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as...
Low
Unreviewed
CVE-2024-10920
was published
Nov 6, 2024
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up...
Low
Unreviewed
CVE-2024-10748
was published
Nov 4, 2024
ProTip!
Advisories are also available from the
GraphQL API