Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

51 advisories

Loading
mySCADA myPRO uses a hard-coded password which could allow an attacker to remotely execute code... Critical Unreviewed
CVE-2024-4708 was published Jul 3, 2024
H3C Magic R230 V100R002 was discovered to contain a hardcoded password vulnerability in /etc... Critical Unreviewed
CVE-2024-38902 was published Jun 24, 2024
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock... High Unreviewed
CVE-2024-5275 was published Jun 18, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a hardcoded password vulnerability... High Unreviewed
CVE-2024-37644 was published Jun 14, 2024
Hardcoded credentials in TerraMaster TOS firmware through 5.1 allow a remote attacker to... Critical Unreviewed
CVE-2024-34539 was published Jun 14, 2024
Toshiba printers contain hardcoded credentials. As for the affected products/models/versions, see... High Unreviewed
CVE-2024-27164 was published Jun 14, 2024
A vulnerability exists in the message queueing mechanism that if exploited can lead to the... Moderate Unreviewed
CVE-2024-28023 was published Jun 11, 2024
CyberPower PowerPanel business application code contains a hard-coded set of authentication ... Critical Unreviewed
CVE-2024-34025 was published May 15, 2024
CyberPower PowerPanel business application code contains a hard-coded JWT signing key. This... Critical Unreviewed
CVE-2024-33625 was published May 15, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt. Moderate Unreviewed
CVE-2024-33867 was published May 14, 2024
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V3.0). The affected device... Critical Unreviewed
CVE-2024-32741 was published May 14, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ... Unknown Unreviewed
CVE-2024-31810 was published May 14, 2024
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2023-51629 was published May 3, 2024
D-Link DAP-1360 Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability... High Unreviewed
CVE-2023-32145 was published May 3, 2024
Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability... High Unreviewed
CVE-2024-29011 was published May 1, 2024
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed
CVE-2024-21990 was published Apr 17, 2024
Use of Hard-coded Password in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3,... Critical Unreviewed
CVE-2024-28010 was published Mar 28, 2024
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-26196 was published Mar 21, 2024
Chirp Access improperly stores credentials within its source code, potentially exposing... Critical Unreviewed
CVE-2024-2197 was published Mar 20, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-259: Use of Hard-coded... High Unreviewed
CVE-2024-27774 was published Mar 18, 2024
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or... Moderate Unreviewed
CVE-2023-50948 was published Jan 8, 2024
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3... Low Unreviewed
CVE-2023-28895 was published Dec 1, 2023
SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed
CVE-2023-41713 was published Oct 18, 2023
A vulnerability classified as critical was found in Viessmann Vitogate 300 up to 2.1.3.0. This... Moderate Unreviewed
CVE-2023-5222 was published Sep 27, 2023
Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed
CVE-2023-41030 was published Sep 18, 2023
ProTip! Advisories are also available from the GraphQL API