Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,159 advisories

Loading
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,... Low Unreviewed
CVE-2023-20512 was published Aug 13, 2024
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and... High Unreviewed
CVE-2024-41161 was published Aug 8, 2024
Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed
CVE-2024-6890 was published Aug 8, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may... High Unreviewed
CVE-2024-39838 was published Aug 5, 2024
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique... Moderate Unreviewed
CVE-2024-33895 was published Aug 2, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded... Critical Unreviewed
CVE-2024-41611 was published Jul 30, 2024
D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet... Critical Unreviewed
CVE-2024-41610 was published Jul 30, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as... Low Unreviewed
CVE-2024-7155 was published Jul 28, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to... Critical Unreviewed
CVE-2024-6912 was published Jul 22, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover... High Unreviewed
CVE-2024-5471 was published Jul 17, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root. Critical Unreviewed
CVE-2024-35338 was published Jul 16, 2024
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS... Critical Unreviewed
CVE-2024-28747 was published Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed
CVE-2023-46685 was published Jul 8, 2024
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
Hardcoded credentials are discovered within the application's source code, creating a potential... Critical Unreviewed
CVE-2023-41919 was published Jul 2, 2024
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an... Moderate Unreviewed
CVE-2024-38480 was published Jul 1, 2024
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials. Critical Unreviewed
CVE-2024-39208 was published Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account... Critical Unreviewed
CVE-2024-39374 was published Jun 27, 2024
A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass... Unknown Unreviewed
CVE-2024-33329 was published Jun 26, 2024
A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP)... High Unreviewed
CVE-2024-5460 was published Jun 26, 2024
Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User... Critical Unreviewed
CVE-2023-6198 was published Jun 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database