GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,173 advisories

Filter by severity

Sort by

Least recently updated

Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/... Critical Unreviewed

CVE-2018-17558 was published Oct 27, 2023

The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to... High Unreviewed

CVE-2023-46102 was published Oct 25, 2023

The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify... High Unreviewed

CVE-2023-41372 was published Oct 25, 2023

EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed

CVE-2023-42492 was published Oct 25, 2023

The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TIBCO Hawk, TIBCO Hawk... High Unreviewed

CVE-2023-26219 was published Oct 25, 2023

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2022-22466 was published Oct 23, 2023

SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed

CVE-2023-41713 was published Oct 18, 2023

IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed

CVE-2023-33836 was published Oct 16, 2023

Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ... Moderate Unreviewed

CVE-2023-45194 was published Oct 11, 2023

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed

CVE-2023-30801 was published Oct 10, 2023

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers... High Unreviewed

CVE-2023-45226 was published Oct 10, 2023

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only... High Unreviewed

CVE-2023-36380 was published Oct 10, 2023

Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information... Critical Unreviewed

CVE-2023-2306 was published Oct 5, 2023

A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to... Critical Unreviewed

CVE-2023-20101 was published Oct 4, 2023

Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed

CVE-2023-2809 was published Oct 4, 2023

All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device... High Unreviewed

CVE-2022-47891 was published Oct 3, 2023

Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could... High Unreviewed

CVE-2023-20034 was published Sep 27, 2023

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key... High Unreviewed

CVE-2023-43637 was published Sep 21, 2023

Use of a static key to protect a JWT token used in user authentication can allow an for an... Critical Unreviewed

CVE-2023-5074 was published Sep 20, 2023

** UNSUPPPORTED WHEN ASSIGNED ** Devices ekorCCP and ekorRCI are vulnerable due to access to the... Critical Unreviewed

CVE-2022-47558 was published Sep 19, 2023

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One... High Unreviewed

CVE-2023-31808 was published Sep 19, 2023

Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated... Moderate Unreviewed

CVE-2023-41030 was published Sep 18, 2023

An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password. High Unreviewed

CVE-2023-41595 was published Sep 18, 2023

An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain... High Unreviewed

CVE-2023-42328 was published Sep 18, 2023

An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2023-42336 was published Sep 16, 2023

Previous 1 2 … 8 9 10 11 12 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,173 advisories