GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,173 advisories
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,...
Moderate
Unreviewed
CVE-2023-37858
was published
Aug 9, 2023
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on...
High
Unreviewed
CVE-2023-21652
was published
Aug 8, 2023
Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's...
Critical
Unreviewed
CVE-2023-33372
was published
Aug 4, 2023
Control ID IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and...
Critical
Unreviewed
CVE-2023-33371
was published
Aug 3, 2023
JBL soundbar multibeam 5.1 - CWE-798: Use of Hard-coded Credentials
Critical
Unreviewed
CVE-2023-37215
was published
Jul 30, 2023
Synel SYnergy Fingerprint Terminals - CWE-798: Use of Hard-coded Credentials
Critical
Unreviewed
CVE-2023-32227
was published
Jul 30, 2023
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN):...
Critical
Unreviewed
CVE-2023-33744
was published
Jul 27, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow...
High
Unreviewed
CVE-2023-38433
was published
Jul 26, 2023
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An...
Critical
Unreviewed
CVE-2023-37291
was published
Jul 21, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763
was published
Jul 18, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated...
Critical
Unreviewed
CVE-2023-37287
was published
Jul 10, 2023
SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated...
Critical
Unreviewed
CVE-2023-37286
was published
Jul 10, 2023
PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.
Critical
Unreviewed
CVE-2023-35987
was published
Jul 7, 2023
Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious...
Critical
Unreviewed
CVE-2023-2158
was published
Jul 6, 2023
Electra Central AC unit – Hardcoded Credentials in unspecified code used by the unit.
Critical
Unreviewed
CVE-2023-24501
was published
Jul 6, 2023
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2...
Critical
Unreviewed
CVE-2022-45444
was published
Jul 6, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High
Unreviewed
CVE-2022-47209
was published
Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded...
High
Unreviewed
CVE-2023-34473
was published
Jul 5, 2023
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High
Unreviewed
CVE-2023-36623
was published
Jul 5, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded...
Critical
Unreviewed
CVE-2023-34338
was published
Jul 5, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate
Unreviewed
CVE-2023-28387
was published
Jun 30, 2023
Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not...
Critical
Unreviewed
CVE-2023-2611
was published
Jun 22, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code...
High
Unreviewed
CVE-2023-32274
was published
Jun 20, 2023
A security vulnerability in HPE Insight Remote Support may result in the local disclosure of...
Moderate
Unreviewed
CVE-2023-30904
was published
Jun 16, 2023