Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

447 advisories

Loading
An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain... High Unreviewed
CVE-2023-42328 was published Sep 18, 2023
A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may... High Unreviewed
CVE-2023-40717 was published Sep 13, 2023
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user... High Unreviewed
CVE-2023-39420 was published Sep 7, 2023
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of... High Unreviewed
CVE-2023-39421 was published Sep 7, 2023
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions... High Unreviewed
CVE-2023-32619 was published Sep 6, 2023
Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL... High Unreviewed
CVE-2023-31173 was published Aug 31, 2023
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed
CVE-2023-23771 was published Aug 29, 2023
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote... High Unreviewed
CVE-2023-4419 was published Aug 24, 2023
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were... High Unreviewed
CVE-2023-37426 was published Aug 22, 2023
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due... High Unreviewed
CVE-2023-22957 was published Aug 11, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed
CVE-2023-22956 was published Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... High Unreviewed
CVE-2023-37857 was published Aug 9, 2023
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on... High Unreviewed
CVE-2023-21652 was published Aug 8, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow... High Unreviewed
CVE-2023-38433 was published Jul 26, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed
CVE-2023-34123 was published Jul 13, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The... High Unreviewed
CVE-2022-47209 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded... High Unreviewed
CVE-2023-34473 was published Jul 5, 2023
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded... High Unreviewed
CVE-2023-36623 was published Jul 5, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code... High Unreviewed
CVE-2023-32274 was published Jun 20, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN... High Unreviewed
CVE-2023-25187 was published Jun 16, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed
CVE-2023-2637 was published Jun 13, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker... High Unreviewed
CVE-2022-47617 was published Jun 2, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2061 was published Jun 2, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider... High Unreviewed
CVE-2023-28937 was published Jun 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database