GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,420

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,173 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Fighting Cock Information System 1.0, which uses default credentials,... Critical Unreviewed

CVE-2022-39989 was published Apr 26, 2023

PWS Personal Weather Station Dashboard (PWS_Dashboard) LTS December 2020 (2012_lts) allows remote... High Unreviewed

CVE-2022-45291 was published Apr 25, 2023

TP-Link Tapo C310 1.3.0 devices allow access to the RTSP video feed via credentials of User ---... High Unreviewed

CVE-2022-37255 was published Apr 16, 2023

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials... High Unreviewed

CVE-2023-22429 was published Apr 11, 2023

The listed versions of Nexx Smart Home devices use hard-coded credentials. An attacker with... Critical Unreviewed

CVE-2023-1748 was published Apr 4, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed

CVE-2023-28503 was published Mar 29, 2023

Osprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded... Critical Unreviewed

CVE-2023-28654 was published Mar 28, 2023

Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows... Critical Unreviewed

CVE-2022-22512 was published Mar 23, 2023

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed

CVE-2023-0391 was published Mar 21, 2023

A Hard Coded Admin Credentials issue in the Web-UI Admin Panel in Propius MachineSelector 6.6.0... Critical Unreviewed

CVE-2023-26511 was published Mar 14, 2023

The Akuvox E11 secure shell (SSH) server is enabled by default and can be accessed by the root... Critical Unreviewed

CVE-2023-0345 was published Mar 13, 2023

Use of hard-coded credentials vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC... Critical Unreviewed

CVE-2023-22344 was published Mar 6, 2023

ThingsBoard 3.4.1 could allow a remote attacker to gain elevated privileges because hard-coded... Critical Unreviewed

CVE-2023-26462 was published Feb 23, 2023

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP... Critical Unreviewed

CVE-2022-46637 was published Feb 21, 2023

Echelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could... Critical Unreviewed

CVE-2022-3089 was published Feb 13, 2023

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW3_15U_5406_1.47/MW3_15U_5406_1.471.... Moderate Unreviewed

CVE-2023-0808 was published Feb 13, 2023

PowerPath Management Appliance with versions 3.3 & 3.2* contains a Hardcoded Cryptographic Keys... Moderate Unreviewed

CVE-2022-34449 was published Feb 11, 2023

Dell SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs ... Moderate Unreviewed

CVE-2022-34386 was published Feb 11, 2023

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software... Critical Unreviewed

CVE-2022-45766 was published Feb 10, 2023

Hardcoded AES key to encrypt cardemulation PINs in NFC prior to SMR Jan-2023 Release 1 allows... Moderate Unreviewed

CVE-2023-21426 was published Feb 9, 2023

Western Digital My Cloud devices before OS5 have a nobody account with a blank password. Critical Unreviewed

CVE-2021-36224 was published Feb 6, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for the telnet... High Unreviewed

CVE-2023-24147 was published Feb 3, 2023

TOTOLINK T8 V4.1.5cu was discovered to contain a hard code password for the telnet service which... Critical Unreviewed

CVE-2023-24155 was published Feb 3, 2023

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a hard code password for root which is... Critical Unreviewed

CVE-2023-24149 was published Feb 3, 2023

A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to... Critical Unreviewed

CVE-2022-48113 was published Feb 3, 2023

Previous 1 2 … 12 13 14 15 16 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,173 advisories