GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,213
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,111
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 37

Unreviewed advisories

All unreviewed 243,528

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,195 advisories

Filter by severity

Sort by

Least recently updated

Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability... Moderate Unreviewed

CVE-2024-48007 was published Dec 13, 2024

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation... High Unreviewed

CVE-2024-29966 was published Apr 19, 2024

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach... High Unreviewed

CVE-2024-29963 was published Apr 19, 2024

In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA... High Unreviewed

CVE-2024-29960 was published Apr 19, 2024

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all... Low Unreviewed

CVE-2024-50564 was published Jan 14, 2025

EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed

CVE-2024-53356 was published Feb 1, 2025

In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt... High Unreviewed

CVE-2024-53357 was published Feb 1, 2025

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP)... High Unreviewed

CVE-2023-2291 was published Apr 26, 2023

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote... High Unreviewed

CVE-2022-28810 was published Apr 19, 2022

AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the... High Unreviewed

CVE-2024-48310 was published Jan 29, 2025

An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service,... High Unreviewed

CVE-2024-55968 was published Jan 29, 2025

Flawed token generation implementation & Hard-coded key implementation Moderate Unreviewed

CVE-2024-55927 was published Jan 23, 2025

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed

CVE-2023-30351 was published May 10, 2023

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Critical Unreviewed

CVE-2024-0390 was published Feb 15, 2024

ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model... High Unreviewed

CVE-2024-11147 was published Jan 23, 2025

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed

CVE-2024-48126 was published Jan 15, 2025

An issue in the AsDB service of HI-SCAN 6040i Hitrax HX-03-19-I allows attackers to enumerate... High Unreviewed

CVE-2024-48125 was published Jan 15, 2025

Hard-coded credentials were included as part of the application binary. These credentials served... Low Unreviewed

CVE-2024-45832 was published Jan 17, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure... Moderate Unreviewed

CVE-2024-28778 was published Jan 7, 2025

Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. High Unreviewed

CVE-2021-44207 was published Dec 22, 2021

Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed

CVE-2024-4996 was published Dec 18, 2024

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed

CVE-2024-55557 was published Dec 16, 2024

A security vulnerability in HPE Insight Remote Support may result in the local disclosure of... Moderate Unreviewed

CVE-2023-30904 was published Jun 16, 2023

The application uses several hard-coded credentials to encrypt config files during backup, to... High Unreviewed

CVE-2024-28146 was published Dec 12, 2024

Previous 1 2 3 4 5 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,195 advisories