GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
156 advisories
Filter by severity
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses...
Moderate
Unreviewed
CVE-2023-49228
was published
Dec 28, 2023
Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android...
Moderate
Unreviewed
CVE-2023-46918
was published
Dec 28, 2023
Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka...
Moderate
Unreviewed
CVE-2023-46919
was published
Dec 27, 2023
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an...
Moderate
Unreviewed
CVE-2023-46711
was published
Dec 26, 2023
In Pexip VMR self-service portal before 3, the same SSH host key is used across different...
Moderate
Unreviewed
CVE-2023-40236
was published
Dec 25, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or...
Moderate
Unreviewed
CVE-2023-47704
was published
Dec 20, 2023
SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard...
Moderate
Unreviewed
CVE-2023-48374
was published
Dec 15, 2023
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for...
Moderate
Unreviewed
CVE-2023-43583
was published
Dec 14, 2023
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could...
Moderate
Unreviewed
CVE-2023-29064
was published
Nov 28, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 -...
Moderate
Unreviewed
CVE-2023-40719
was published
Nov 14, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7...
Moderate
Unreviewed
CVE-2023-33304
was published
Nov 14, 2023
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ...
Moderate
Unreviewed
CVE-2023-45194
was published
Oct 11, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated...
Moderate
Unreviewed
CVE-2023-41030
was published
Sep 18, 2023
Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which...
Moderate
Unreviewed
CVE-2023-27169
was published
Sep 12, 2023
A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may...
Moderate
Unreviewed
CVE-2023-39982
was published
Sep 2, 2023
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models...
Moderate
Unreviewed
CVE-2022-3744
was published
Aug 23, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded...
Moderate
Unreviewed
CVE-2023-3262
was published
Aug 14, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow...
Moderate
Unreviewed
CVE-2022-44612
was published
Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,...
Moderate
Unreviewed
CVE-2023-37858
was published
Aug 9, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763
was published
Jul 18, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate
Unreviewed
CVE-2023-28387
was published
Jun 30, 2023
A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects...
Moderate
Unreviewed
CVE-2023-3237
was published
Jun 14, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
Moderate
Unreviewed
CVE-2023-33920
was published
Jun 13, 2023
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may...
Moderate
Unreviewed
CVE-2023-27921
was published
May 23, 2023
A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471....
Moderate
Unreviewed
CVE-2023-0808
was published
Feb 13, 2023
ProTip!
Advisories are also available from the
GraphQL API