GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,572
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 234,068

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

425 advisories

Filter by severity

Sort by

Least recently updated

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded... High Unreviewed

CVE-2023-34473 was published Jul 5, 2023

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded... High Unreviewed

CVE-2023-36623 was published Jul 5, 2023

Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code... High Unreviewed

CVE-2023-32274 was published Jun 20, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN... High Unreviewed

CVE-2023-25187 was published Jun 16, 2023

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed

CVE-2023-2637 was published Jun 13, 2023

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker... High Unreviewed

CVE-2022-47617 was published Jun 2, 2023

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed

CVE-2023-2061 was published Jun 2, 2023

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider... High Unreviewed

CVE-2023-28937 was published Jun 1, 2023

ROZCOM client CWE-798: Use of Hard-coded Credentials High Unreviewed

CVE-2023-31184 was published May 30, 2023

This vulnerability enables ssh access to minikube container using a default password. High Unreviewed

CVE-2023-1944 was published May 24, 2023

Use of hard-coded credentials exists in SolarView Compact SV-CPT-MC310 versions prior to Ver.8.10... High Unreviewed

CVE-2023-27512 was published May 23, 2023

A use of hard-coded credentials vulnerability [CWE-798] in FortiNAC-F version 7.2.0, FortiNAC... High Unreviewed

CVE-2023-26203 was published May 4, 2023

The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte... High Unreviewed

CVE-2022-41399 was published Apr 28, 2023

The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded... High Unreviewed

CVE-2022-41398 was published Apr 28, 2023

PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote... High Unreviewed

CVE-2022-45291 was published Apr 25, 2023

TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---... High Unreviewed

CVE-2022-37255 was published Apr 16, 2023

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials... High Unreviewed

CVE-2023-22429 was published Apr 11, 2023

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed

CVE-2023-0391 was published Mar 21, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet... High Unreviewed

CVE-2023-24147 was published Feb 3, 2023

Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application... High Unreviewed

CVE-2023-23132 was published Feb 1, 2023

A CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause local privilege... High Unreviewed

CVE-2022-42973 was published Feb 1, 2023

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed

CVE-2023-20038 was published Jan 20, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed

CVE-2022-34462 was published Jan 18, 2023

Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism.... High Unreviewed

CVE-2022-36925 was published Jan 9, 2023

ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX... High Unreviewed

CVE-2022-4780 was published Dec 29, 2022

Previous 1 2 3 4 5 6 7 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

425 advisories