Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. High Unreviewed
CVE-2024-41616 was published Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38885 was published Aug 2, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as... Critical Unreviewed
CVE-2024-7332 was published Aug 1, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic.... Low Unreviewed
CVE-2024-7216 was published Jul 30, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as... Moderate Unreviewed
CVE-2024-7159 was published Jul 28, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as... Low Unreviewed
CVE-2024-7155 was published Jul 28, 2024
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have... High Unreviewed
CVE-2024-39345 was published Jul 24, 2024
ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key. Critical Unreviewed
CVE-2024-36526 was published Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013... Critical Unreviewed
CVE-2023-46685 was published Jul 8, 2024
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-38902 was published Jun 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock... High Unreviewed
CVE-2024-5275 was published Jun 18, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to... Critical Unreviewed
CVE-2024-34539 was published Jun 14, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability... High Unreviewed
CVE-2024-37644 was published Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see... High Unreviewed
CVE-2024-27164 was published Jun 14, 2024
A vulnerability exists in the message queueing mechanism that if exploited can lead to the... Moderate Unreviewed
CVE-2024-28023 was published Jun 11, 2024
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This... Critical Unreviewed
CVE-2024-33625 was published May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ... Critical Unreviewed
CVE-2024-34025 was published May 15, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt. Moderate Unreviewed
CVE-2024-33867 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32741 was published May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ... Unknown Unreviewed
CVE-2024-31810 was published May 14, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2023-51629 was published May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability... High Unreviewed
CVE-2024-29011 was published May 1, 2024
ProTip! Advisories are also available from the GraphQL API