GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
421 advisories
Filter by severity
The application uses several hard-coded credentials to encrypt config files during backup, to...
High
Unreviewed
CVE-2024-28146
was published
Dec 12, 2024
Ubiquiti U7-Pro 7.0.35 was discovered to contain a hardcoded password vulnerability in /etc...
High
Unreviewed
CVE-2024-54749
was published
Dec 6, 2024
IBM Cognos Controller 11.0.0 and 11.0.1
contains hard-coded credentials, such as a...
High
Unreviewed
CVE-2024-41777
was published
Dec 3, 2024
Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in ...
High
Unreviewed
CVE-2024-52789
was published
Nov 19, 2024
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro...
High
Unreviewed
CVE-2024-52788
was published
Nov 19, 2024
Azure Stack HCI Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49060
was published
Nov 15, 2024
In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of...
High
Unreviewed
CVE-2024-7295
was published
Nov 13, 2024
An attacker with local access to the medical office computer can
access restricted functions of...
High
Unreviewed
CVE-2024-50593
was published
Nov 8, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows...
High
Unreviewed
CVE-2024-28875
was published
Oct 30, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows...
High
Unreviewed
CVE-2024-31151
was published
Oct 30, 2024
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in ...
High
Unreviewed
CVE-2024-48192
was published
Oct 17, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. A hidden SSH service (on the local...
High
Unreviewed
CVE-2024-28812
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a hard-coded credential in the specific command...
High
Unreviewed
CVE-2024-8448
was published
Sep 30, 2024
Certain switch models from PLANET Technology have a Hard-coded community string in the SNMPv1...
High
Unreviewed
CVE-2024-8450
was published
Sep 30, 2024
Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat...
High
Unreviewed
CVE-2023-41612
was published
Sep 18, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High
Unreviewed
CVE-2024-45698
was published
Sep 16, 2024
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read...
High
Unreviewed
CVE-2024-6656
was published
Sep 13, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x, contain(s) an...
High
Unreviewed
CVE-2024-39585
was published
Sep 6, 2024
Use of hard-coded credentials vulnerability affecting Vonets industrial wifi bridge relays and...
High
Unreviewed
CVE-2024-41161
was published
Aug 8, 2024
D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service.
High
Unreviewed
CVE-2024-41616
was published
Aug 6, 2024
ZWX-2000CSW2-HN firmware versions prior to Ver.0.3.15 uses hard-coded credentials, which may...
High
Unreviewed
CVE-2024-39838
was published
Aug 5, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover...
High
Unreviewed
CVE-2024-5471
was published
Jul 17, 2024
A vulnerability in the default configuration of the Simple Network
Management Protocol (SNMP)...
High
Unreviewed
CVE-2024-5460
was published
Jun 26, 2024
The configuration file is encrypted with a static key derived from a
static five-character...
High
Unreviewed
CVE-2024-36496
was published
Jun 24, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor....
High
Unreviewed
CVE-2024-6045
was published
Jun 17, 2024
ProTip!
Advisories are also available from the
GraphQL API