GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,739
Composer 4,238
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,757

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

171 advisories

Filter by severity

Sort by

Least recently updated

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27159 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27160 was published Jun 14, 2024

all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed

CVE-2024-27161 was published Jun 14, 2024

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite... Moderate Unreviewed

CVE-2024-22813 was published Apr 22, 2024

A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed

CVE-2021-41320 was published May 24, 2022

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed

CVE-2023-39458 was published May 3, 2024

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed

CVE-2023-34284 was published May 3, 2024

Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed

CVE-2019-13399 was published May 24, 2022

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup... Moderate Unreviewed

CVE-2019-6693 was published May 24, 2022

Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ... Moderate Unreviewed

CVE-2023-45194 was published Oct 11, 2023

Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which... Moderate Unreviewed

CVE-2023-27169 was published Sep 12, 2023

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models... Moderate Unreviewed

CVE-2022-3744 was published Aug 23, 2023

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded... Moderate Unreviewed

CVE-2023-3262 was published Aug 14, 2023

Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow... Moderate Unreviewed

CVE-2022-44612 was published Aug 11, 2023

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed

CVE-2023-35763 was published Jul 18, 2023

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4... Moderate Unreviewed

CVE-2023-28387 was published Jun 30, 2023

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed

CVE-2023-33920 was published Jun 13, 2023

JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may... Moderate Unreviewed

CVE-2023-27921 was published May 23, 2023

The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default... Moderate Unreviewed

CVE-2020-8573 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account... Moderate Unreviewed

CVE-2020-15318 was published May 24, 2022

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow... Moderate Unreviewed

CVE-2018-9195 was published May 24, 2022

Use of a hard-coded encryption key in Ivanti LANDESK Management Suite (LDMS, aka Endpoint Manager... Moderate Unreviewed

CVE-2019-12376 was published May 24, 2022

VVX products using UCS software version 5.8.0 and earlier with Better Together over Ethernet... Moderate Unreviewed

CVE-2019-10688 was published May 24, 2022

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed

CVE-2024-3130 was published Apr 1, 2024

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242... Moderate Unreviewed

CVE-2020-11876 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories