GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,836

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

522 advisories

Filter by severity

Sort by

Least recently updated

Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated... Critical Unreviewed

CVE-2023-6448 was published Dec 5, 2023

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials... Critical Unreviewed

CVE-2023-23324 was published Nov 29, 2023

First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated... Critical Unreviewed

CVE-2023-47213 was published Nov 16, 2023

Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the... Critical Unreviewed

CVE-2023-47800 was published Nov 10, 2023

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is... Critical Unreviewed

CVE-2023-5777 was published Nov 6, 2023

VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded... Critical Unreviewed

CVE-2023-45499 was published Oct 27, 2023

Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/... Critical Unreviewed

CVE-2018-17558 was published Oct 27, 2023

EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed

CVE-2023-42492 was published Oct 25, 2023

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2022-22466 was published Oct 23, 2023

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2023-33836 was published Oct 16, 2023

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed

CVE-2023-30801 was published Oct 10, 2023

Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information... Critical Unreviewed

CVE-2023-2306 was published Oct 5, 2023

A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to... Critical Unreviewed

CVE-2023-20101 was published Oct 4, 2023

Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed

CVE-2023-2809 was published Oct 4, 2023

Use of a static key to protect a JWT token used in user authentication can allow an for an... Critical Unreviewed

CVE-2023-5074 was published Sep 20, 2023

** UNSUPPPORTED WHEN ASSIGNED ** Devices ekorCCP and ekorRCI are vulnerable due to access to the... Critical Unreviewed

CVE-2022-47558 was published Sep 19, 2023

An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2023-42336 was published Sep 16, 2023

i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default... Critical Unreviewed

CVE-2023-37755 was published Sep 14, 2023

The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates... Critical Unreviewed

CVE-2023-39422 was published Sep 7, 2023

A hard coded password in Super Store Finder v3.6 allows attackers to access the administration... Critical Unreviewed

CVE-2023-41508 was published Sep 5, 2023

Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed

CVE-2023-23770 was published Aug 29, 2023

SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An... Critical Unreviewed

CVE-2023-38026 was published Aug 28, 2023

SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded... Critical Unreviewed

CVE-2023-38024 was published Aug 28, 2023

N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which... Critical Unreviewed

CVE-2023-39808 was published Aug 21, 2023

NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential... Critical Unreviewed

CVE-2023-4204 was published Aug 16, 2023

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

522 advisories