GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

428 advisories

Filter by severity

Sort by

Least recently updated

The Tightrope Media Carousel Seneca HDn Windows-based appliance 7.0.4.104 is shipped with a... High Unreviewed

CVE-2018-18929 was published May 24, 2022

CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before 3.7.4 have a default... High Unreviewed

CVE-2019-13657 was published May 24, 2022

ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML... High Unreviewed

CVE-2019-16313 was published May 24, 2022

Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN... High Unreviewed

CVE-2019-13530 was published May 24, 2022

The slick-popup plugin before 1.7.2 for WordPress has a hardcoded OmakPass13# password for the... High Unreviewed

CVE-2019-15867 was published May 24, 2022

The Eques elf smart plug and the mobile app use a hardcoded AES 256 bit key to encrypt the... High Unreviewed

CVE-2019-15745 was published May 24, 2022

The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for... High Unreviewed

CVE-2016-10928 was published May 24, 2022

An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR... High Unreviewed

CVE-2019-9229 was published May 24, 2022

A vulnerability in the Cisco FindIT Network Management Software virtual machine (VM) images could... High Unreviewed

CVE-2019-1919 was published May 24, 2022

Optergy Proton/Enterprise devices have Hard-coded Credentials. High Unreviewed

CVE-2019-7279 was published May 24, 2022

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)... High Unreviewed

CVE-2019-11947 was published May 24, 2022

A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless... High Unreviewed

CVE-2018-4062 was published May 24, 2022

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed

CVE-2018-18979 was published May 24, 2022

An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01... High Unreviewed

CVE-2018-18978 was published May 24, 2022

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by... High Unreviewed

CVE-2017-18374 was published May 24, 2022

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three... High Unreviewed

CVE-2017-18373 was published May 24, 2022

A CWE-798 “Use of Hard-coded Credentials” vulnerability in the MariaDB database of the web... High Unreviewed

CVE-2023-5456 was published Mar 5, 2024

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed

CVE-2008-0961 was published May 1, 2022

A remote code execution vulnerability exists in Microsoft Exchange software when the software... High Unreviewed

CVE-2020-0688 was published May 24, 2022

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not... High Unreviewed

CVE-2008-1160 was published May 1, 2022

Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back... High Unreviewed

CVE-2005-0496 was published May 1, 2022

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password ... High Unreviewed

CVE-2010-1573 was published May 14, 2022

Use of Hard-coded Credentials vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed

CVE-2023-6255 was published Feb 15, 2024

Use of a hard-coded password for a special database account created during Comarch ERP XL... High Unreviewed

CVE-2023-4539 was published Feb 15, 2024

CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access... High Unreviewed

CVE-2023-6409 was published Feb 14, 2024

Previous 1 2 3 4 5 6 7 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

428 advisories