GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
51 advisories
Filter by severity
mySCADA myPRO
uses a hard-coded password which could allow an attacker to remotely execute code...
Critical
Unreviewed
CVE-2024-4708
was published
Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc...
Critical
Unreviewed
CVE-2024-38902
was published
Jun 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock...
High
Unreviewed
CVE-2024-5275
was published
Jun 18, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability...
High
Unreviewed
CVE-2024-37644
was published
Jun 14, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to...
Critical
Unreviewed
CVE-2024-34539
was published
Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see...
High
Unreviewed
CVE-2024-27164
was published
Jun 14, 2024
A vulnerability exists in the message queueing mechanism that if
exploited can lead to the...
Moderate
Unreviewed
CVE-2024-28023
was published
Jun 11, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ...
Critical
Unreviewed
CVE-2024-34025
was published
May 15, 2024
CyberPower PowerPanel business
application code contains a hard-coded JWT signing key. This...
Critical
Unreviewed
CVE-2024-33625
was published
May 15, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.
Moderate
Unreviewed
CVE-2024-33867
was published
May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device...
Critical
Unreviewed
CVE-2024-32741
was published
May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ...
Unknown
Unreviewed
CVE-2024-31810
was published
May 14, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2023-51629
was published
May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-32145
was published
May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability...
High
Unreviewed
CVE-2024-29011
was published
May 1, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x,
9.13.1.x and 9.14.1.x contain hard...
Moderate
Unreviewed
CVE-2024-21990
was published
Apr 17, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,...
Critical
Unreviewed
CVE-2024-28010
was published
Mar 28, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-26196
was published
Mar 21, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing...
Critical
Unreviewed
CVE-2024-2197
was published
Mar 20, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-259: Use of Hard-coded...
High
Unreviewed
CVE-2024-27774
was published
Mar 18, 2024
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2023-50948
was published
Jan 8, 2024
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3...
Low
Unreviewed
CVE-2023-28895
was published
Dec 1, 2023
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function.
High
Unreviewed
CVE-2023-41713
was published
Oct 18, 2023
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This...
Moderate
Unreviewed
CVE-2023-5222
was published
Sep 27, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated...
Moderate
Unreviewed
CVE-2023-41030
was published
Sep 18, 2023
ProTip!
Advisories are also available from the
GraphQL API