GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,339
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,940
Maven 5,135
npm 3,677
NuGet 645
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,836

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

156 advisories

Filter by severity

Sort by

Least recently updated

JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may... Moderate Unreviewed

CVE-2023-27921 was published May 23, 2023

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed

CVE-2023-33920 was published Jun 13, 2023

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4... Moderate Unreviewed

CVE-2023-28387 was published Jun 30, 2023

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed

CVE-2023-35763 was published Jul 18, 2023

Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow... Moderate Unreviewed

CVE-2022-44612 was published Aug 11, 2023

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded... Moderate Unreviewed

CVE-2023-3262 was published Aug 14, 2023

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models... Moderate Unreviewed

CVE-2022-3744 was published Aug 23, 2023

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may... Moderate Unreviewed

CVE-2023-39982 was published Sep 2, 2023

Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which... Moderate Unreviewed

CVE-2023-27169 was published Sep 12, 2023

Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ... Moderate Unreviewed

CVE-2023-45194 was published Oct 11, 2023

Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup... Moderate Unreviewed

CVE-2019-6693 was published May 24, 2022

Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed

CVE-2019-13399 was published May 24, 2022

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed

CVE-2023-34284 was published May 3, 2024

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed

CVE-2023-39458 was published May 3, 2024

A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed

CVE-2021-41320 was published May 24, 2022

An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite... Moderate Unreviewed

CVE-2024-22813 was published Apr 22, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27159 was published Jun 14, 2024

all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed

CVE-2024-27161 was published Jun 14, 2024

All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed

CVE-2024-27160 was published Jun 14, 2024

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed

CVE-2024-41689 was published Jul 26, 2024

A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed

CVE-2024-7170 was published Jul 29, 2024

Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed

CVE-2024-31798 was published Aug 15, 2024

A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-8005 was published Aug 20, 2024

A vulnerability classified as critical has been found in Go-Tribe gotribe up to... Moderate Unreviewed

CVE-2024-8135 was published Aug 25, 2024

IBM MaaS360 for Android 6.31 through 8.60 is using hard coded credentials that can be obtained by... Moderate Unreviewed

CVE-2024-35118 was published Aug 29, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

156 advisories