GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,367

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,208 advisories

Filter by severity

Sort by

Least recently updated

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application... High Unreviewed

CVE-2024-52902 was published Feb 19, 2025

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed

CVE-2023-28503 was published Mar 29, 2023

Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows... High Unreviewed

CVE-2024-8893 was published Feb 14, 2025

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed

CVE-2023-30801 was published Oct 10, 2023

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed

CVE-2025-26410 was published Feb 11, 2025

Certain models of routers from Billion Electric has hard-coded embedded linux credentials,... High Unreviewed

CVE-2025-1143 was published Feb 11, 2025

The SolarWinds Access Rights Manager was found to contain a hard-coded credential authentication... High Unreviewed

CVE-2024-23473 was published May 14, 2024

Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to... High Unreviewed

CVE-2024-46436 was published Feb 10, 2025

A hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated... High Unreviewed

CVE-2024-46429 was published Feb 10, 2025

A default credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote... High Unreviewed

CVE-2024-46433 was published Feb 10, 2025

ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed

CVE-2024-21990 was published Apr 17, 2024

Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever... Critical Unreviewed

CVE-2024-36556 was published Feb 6, 2025

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Moderate Unreviewed

CVE-2024-50690 was published Jan 25, 2025

SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that... Moderate Unreviewed

CVE-2024-50692 was published Jan 25, 2025

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed

CVE-2024-51547 was published Feb 6, 2025

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded... Moderate Unreviewed

CVE-2020-8657 was published May 24, 2022

Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability... Moderate Unreviewed

CVE-2024-48007 was published Dec 13, 2024

Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation... High Unreviewed

CVE-2024-29966 was published Apr 19, 2024

Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach... High Unreviewed

CVE-2024-29963 was published Apr 19, 2024

In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA... High Unreviewed

CVE-2024-29960 was published Apr 19, 2024

A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all... Low Unreviewed

CVE-2024-50564 was published Jan 14, 2025

EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed

CVE-2024-53356 was published Feb 1, 2025

In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt... High Unreviewed

CVE-2024-53357 was published Feb 1, 2025

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP)... High Unreviewed

CVE-2023-2291 was published Apr 26, 2023

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

Previous 1 2 3 4 5 … 48 49 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,208 advisories