GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
433 advisories
Filter by severity
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High
Unreviewed
CVE-2023-36623
was published
Jul 5, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded...
High
Unreviewed
CVE-2023-34473
was published
Jul 5, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High
Unreviewed
CVE-2022-47209
was published
Jul 6, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow...
High
Unreviewed
CVE-2023-38433
was published
Jul 26, 2023
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on...
High
Unreviewed
CVE-2023-21652
was published
Aug 8, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,...
High
Unreviewed
CVE-2023-37857
was published
Aug 9, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a...
High
Unreviewed
CVE-2023-22956
was published
Aug 11, 2023
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due...
High
Unreviewed
CVE-2023-22957
was published
Aug 11, 2023
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were...
High
Unreviewed
CVE-2023-37426
was published
Aug 22, 2023
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled
unauthorized remote...
High
Unreviewed
CVE-2023-4419
was published
Aug 24, 2023
Netmaker has Hardcoded DNS Secret Key
High
CVE-2023-32077
was published
for
github.com/gravitl/netmaker
(Go)
Aug 25, 2023
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man...
High
Unreviewed
CVE-2023-23771
was published
Aug 29, 2023
Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL...
High
Unreviewed
CVE-2023-31173
was published
Aug 31, 2023
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions...
High
Unreviewed
CVE-2023-32619
was published
Sep 6, 2023
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user...
High
Unreviewed
CVE-2023-39420
was published
Sep 7, 2023
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of...
High
Unreviewed
CVE-2023-39421
was published
Sep 7, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may...
High
Unreviewed
CVE-2023-40717
was published
Sep 13, 2023
An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password.
High
Unreviewed
CVE-2023-41595
was published
Sep 18, 2023
An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain...
High
Unreviewed
CVE-2023-42328
was published
Sep 18, 2023
Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One...
High
Unreviewed
CVE-2023-31808
was published
Sep 19, 2023
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key...
High
Unreviewed
CVE-2023-43637
was published
Sep 21, 2023
Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could...
High
Unreviewed
CVE-2023-20034
was published
Sep 27, 2023
All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device...
High
Unreviewed
CVE-2022-47891
was published
Oct 3, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only...
High
Unreviewed
CVE-2023-36380
was published
Oct 10, 2023
ProTip!
Advisories are also available from the
GraphQL API