GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
409 advisories
Filter by severity
Sangoma FreePBX 1805 through 2203 on Linux contains hardcoded credentials for the Asterisk REST...
High
Unreviewed
CVE-2023-26566
was published
May 14, 2024
In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server...
High
Unreviewed
CVE-2023-52723
was published
Apr 29, 2024
A vulnerability in the default configuration of the Simple Network
Management Protocol (SNMP)...
High
Unreviewed
CVE-2024-5460
was published
Jun 26, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor....
High
Unreviewed
CVE-2024-6045
was published
Jun 17, 2024
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege...
High
Unreviewed
CVE-2024-0865
was published
Jun 12, 2024
Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials...
High
Unreviewed
CVE-2024-29170
was published
Jun 4, 2024
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5...
High
Unreviewed
CVE-2024-4844
was published
May 16, 2024
The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication...
High
Unreviewed
CVE-2024-23473
was published
May 14, 2024
Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation...
High
Unreviewed
CVE-2023-51588
was published
May 3, 2024
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This...
High
Unreviewed
CVE-2023-35724
was published
May 3, 2024
Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address...
High
Unreviewed
CVE-2024-3544
was published
May 2, 2024
Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation...
High
Unreviewed
CVE-2024-29966
was published
Apr 19, 2024
Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach...
High
Unreviewed
CVE-2024-29963
was published
Apr 19, 2024
In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA...
High
Unreviewed
CVE-2024-29960
was published
Apr 19, 2024
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
High
Unreviewed
CVE-2023-41713
was published
Oct 18, 2023
Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One...
High
Unreviewed
CVE-2023-31808
was published
Sep 19, 2023
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a...
High
Unreviewed
CVE-2022-2660
was published
Dec 14, 2022
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which...
High
Unreviewed
CVE-2024-31873
was published
Apr 10, 2024
Azure AI Search Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-29063
was published
Apr 9, 2024
The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers...
High
Unreviewed
CVE-2023-45226
was published
Oct 10, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only...
High
Unreviewed
CVE-2023-36380
was published
Oct 10, 2023
All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device...
High
Unreviewed
CVE-2022-47891
was published
Oct 3, 2023
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key...
High
Unreviewed
CVE-2023-43637
was published
Sep 21, 2023
An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password.
High
Unreviewed
CVE-2023-41595
was published
Sep 18, 2023
An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain...
High
Unreviewed
CVE-2023-42328
was published
Sep 18, 2023
ProTip!
Advisories are also available from the
GraphQL API