GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,128 advisories
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access...
Severity: High. Unreviewed. CVE-2023-6409 was published Feb 14, 2024.

A vulnerability has been identified in Location Intelligence Perpetual Large (9DE5110-8CA13-1AX0)...
Severity: Critical. Unreviewed. CVE-2024-23816 was published Feb 13, 2024.

IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password...
Severity: Moderate. Unreviewed. CVE-2024-22313 was published Feb 10, 2024.

An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via...
Severity: Critical. Unreviewed. CVE-2023-38995 was published Feb 7, 2024.

D-LINK Go-RT-AC750 GORTAC750_A1_FW_v101b03 has a hardcoded password for the Alphanetworks account...
Severity: Critical. Unreviewed. CVE-2024-22853 was published Feb 6, 2024.

In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded...
Severity: Critical. Unreviewed. CVE-2024-21764 was published Feb 2, 2024.

Multiple MachineSense devices have credentials unable to be changed by the user or...
Severity: Critical. Unreviewed. CVE-2023-46706 was published Feb 2, 2024.

TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root...
Severity: Critical. Unreviewed. CVE-2024-24324 was published Jan 30, 2024.

DoraCMS 2.1.8 is vulnerable to Use of Hard-coded Cryptographic Key.
Severity: Critical. Unreviewed. CVE-2023-51840 was published Jan 29, 2024.

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an...
Severity: Moderate. Unreviewed. CVE-2023-6482 was published Jan 27, 2024.

A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote,...
Severity: Critical. Unreviewed. CVE-2024-23619 was published Jan 26, 2024.

Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a...
Severity: Moderate. Unreviewed. CVE-2024-23453 was published Jan 24, 2024.

An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION...
Severity: Critical. Unreviewed. CVE-2023-51200 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-23842 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-22769 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-22772 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-22768 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-22771 was published Jan 23, 2024.

Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause...
Severity: High. Unreviewed. CVE-2024-22770 was published Jan 23, 2024.

Ubee DDW365 XCNDDW365 and DDW366 XCNDXW3WB devices have predictable default WPA2 PSKs that could...
Severity: High. Unreviewed. CVE-2024-23726 was published Jan 21, 2024.

Hard-coded credentials in org.folio:mod-data-export-spring
Severity: Critical. CVE-2024-23687 was published for org.folio:mod-data-export-spring (Maven) Jan 20, 2024.

Hard-coded credentials in org.folio:mod-remote-storage
Severity: Moderate. CVE-2024-23685 was published for org.folio:mod-remote-storage (Maven) Jan 19, 2024.

EverShop at risk to unauthorized access via weak HMAC secret
Severity: High. CVE-2023-46943 was published for @evershop/evershop (npm) Jan 13, 2024.

The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded...
Severity: Moderate. Unreviewed. CVE-2023-28897 was published Jan 12, 2024.

It is possible to download the configuration backup without authorization and decrypt included...
Severity: High. Unreviewed. CVE-2023-49256 was published Jan 12, 2024.
ProTip! Advisories are also available from the GraphQL API.