GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,651
Composer 4,464
Erlang 33
GitHub Actions 22
Go 2,164
Maven 5,398
npm 3,821
NuGet 696
pip 3,503
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,604

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,184 advisories

Filter by severity

Sort by

Least recently updated

A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass... High Unreviewed

CVE-2024-33329 was published Jun 26, 2024

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed

CVE-2024-3130 was published Apr 1, 2024

Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege... High Unreviewed

CVE-2025-27255 was published Mar 10, 2025

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded Password... High Unreviewed

CVE-2024-27774 was published Mar 18, 2024

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27643 was published Mar 5, 2025

A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed

CVE-2025-1879 was published Mar 3, 2025

An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed

CVE-2025-1393 was published Mar 5, 2025

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials.... Critical Unreviewed

CVE-2024-50688 was published Feb 26, 2025

TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded... Critical Unreviewed

CVE-2024-57040 was published Feb 27, 2025

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly... Critical Unreviewed

CVE-2024-51551 was published Dec 5, 2024

Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control... High Unreviewed

CVE-2024-9334 was published Feb 27, 2025

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed

CVE-2023-0391 was published Mar 21, 2023

Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide,... Critical Unreviewed

CVE-2024-24681 was published Feb 24, 2024

SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed

CVE-2024-28989 was published Feb 11, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application... High Unreviewed

CVE-2024-52902 was published Feb 19, 2025

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed

CVE-2023-28503 was published Mar 29, 2023

Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows... High Unreviewed

CVE-2024-8893 was published Feb 14, 2025

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed

CVE-2023-30801 was published Oct 10, 2023

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed

CVE-2025-26410 was published Feb 11, 2025

Certain models of routers from Billion Electric has hard-coded embedded linux credentials,... High Unreviewed

CVE-2025-1143 was published Feb 11, 2025

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication... High Unreviewed

CVE-2024-23473 was published May 14, 2024

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to... High Unreviewed

CVE-2024-46436 was published Feb 10, 2025

A default credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote... High Unreviewed

CVE-2024-46433 was published Feb 10, 2025

A hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated... High Unreviewed

CVE-2024-46429 was published Feb 10, 2025

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed

CVE-2024-21990 was published Apr 17, 2024

Previous 1 2 3 4 5 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,184 advisories