GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,836

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

522 advisories

Filter by severity

Sort by

Least recently updated

The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with... Critical Unreviewed

CVE-2023-1748 was published Apr 4, 2023

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded... Critical Unreviewed

CVE-2023-28654 was published Mar 28, 2023

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows... Critical Unreviewed

CVE-2022-22512 was published Mar 23, 2023

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0... Critical Unreviewed

CVE-2023-26511 was published Mar 14, 2023

The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root... Critical Unreviewed

CVE-2023-0345 was published Mar 13, 2023

Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC... Critical Unreviewed

CVE-2023-22344 was published Mar 6, 2023

ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded... Critical Unreviewed

CVE-2023-26462 was published Feb 23, 2023

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP... Critical Unreviewed

CVE-2022-46637 was published Feb 21, 2023

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could... Critical Unreviewed

CVE-2022-3089 was published Feb 13, 2023

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software... Critical Unreviewed

CVE-2022-45766 was published Feb 10, 2023

Western Digital My Cloud devices before OS5 have a nobody account with a blank password. Critical Unreviewed

CVE-2021-36224 was published Feb 6, 2023

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which... Critical Unreviewed

CVE-2023-24155 was published Feb 3, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is... Critical Unreviewed

CVE-2023-24149 was published Feb 3, 2023

A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to... Critical Unreviewed

CVE-2022-48113 was published Feb 3, 2023

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3... Critical Unreviewed

CVE-2023-24022 was published Jan 26, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34442 was published Jan 18, 2023

EXFO - BV-10 Performance Endpoint Unit Undocumented privileged user. Unit has an undocumented... Critical Unreviewed

CVE-2022-39185 was published Jan 12, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34441 was published Jan 11, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34440 was published Jan 11, 2023

In the DES implementation, the affected product versions use a default key for encryption.... Critical Unreviewed

CVE-2021-40342 was published Jan 6, 2023

The affected products store both public and private key that are used to sign and protect Custom... Critical Unreviewed

CVE-2022-3927 was published Jan 6, 2023

Merit LILIN AH55B04 & AH55B08 DVR firm has hard-coded administrator credentials. An... Critical Unreviewed

CVE-2022-47618 was published Jan 3, 2023

A vulnerability, which was classified as critical, has been found in taoeffect Empress. Affected... Critical Unreviewed

CVE-2014-125030 was published Jan 1, 2023

Mutiny 7.2.0-10788 suffers from Hardcoded root password. Critical Unreviewed

CVE-2022-37832 was published Dec 17, 2022

Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an... Critical Unreviewed

CVE-2022-41653 was published Dec 14, 2022

Previous 1 2 3 4 5 6 7 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

522 advisories