GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
High
Unreviewed
CVE-2024-41616
was published
Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
High
Unreviewed
CVE-2024-38885
was published
Aug 2, 2024
A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as...
Critical
Unreviewed
CVE-2024-7332
was published
Aug 1, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832. It has been classified as problematic....
Low
Unreviewed
CVE-2024-7216
was published
Jul 30, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This...
Moderate
Unreviewed
CVE-2024-7170
was published
Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as...
Moderate
Unreviewed
CVE-2024-7159
was published
Jul 28, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as...
Low
Unreviewed
CVE-2024-7155
was published
Jul 28, 2024
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have...
High
Unreviewed
CVE-2024-39345
was published
Jul 24, 2024
ZKTeco ZKBio CVSecurity v6.1.1 was discovered to contain a hardcoded cryptographic key.
Critical
Unreviewed
CVE-2024-36526
was published
Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical
Unreviewed
CVE-2023-46685
was published
Jul 8, 2024
mySCADA myPRO
uses a hard-coded password which could allow an attacker to remotely execute code...
Critical
Unreviewed
CVE-2024-4708
was published
Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-38902
was published
Jun 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock...
High
Unreviewed
CVE-2024-5275
was published
Jun 18, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to...
Critical
Unreviewed
CVE-2024-34539
was published
Jun 14, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability...
High
Unreviewed
CVE-2024-37644
was published
Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see...
High
Unreviewed
CVE-2024-27164
was published
Jun 14, 2024
A vulnerability exists in the message queueing mechanism that if
exploited can lead to the...
Moderate
Unreviewed
CVE-2024-28023
was published
Jun 11, 2024
CyberPower PowerPanel business
application code contains a hard-coded JWT signing key. This...
Critical
Unreviewed
CVE-2024-33625
was published
May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ...
Critical
Unreviewed
CVE-2024-34025
was published
May 15, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.
Moderate
Unreviewed
CVE-2024-33867
was published
May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32741
was published
May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ...
Unknown
Unreviewed
CVE-2024-31810
was published
May 14, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2023-51629
was published
May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-32145
was published
May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability...
High
Unreviewed
CVE-2024-29011
was published
May 1, 2024
ProTip!
Advisories are also available from the
GraphQL API