GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,751
Composer 4,748
Erlang 35
GitHub Actions 29
Go 2,321
Maven 5,605
npm 3,955
NuGet 712
pip 3,736
Pub 12
RubyGems 921
Rust 972
Swift 38

Unreviewed advisories

All unreviewed 257,927

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

584 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric... Critical Unreviewed

CVE-2024-55557 was published Dec 16, 2024

Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed

CVE-2024-4996 was published Dec 18, 2024

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed

CVE-2024-48126 was published Jan 15, 2025

INPRAX "iZZi connect" application on Android contains hard-coded MQTT queue credentials. The same... Critical Unreviewed

CVE-2024-0390 was published Feb 15, 2024

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed

CVE-2024-53356 was published Feb 1, 2025

Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever... Critical Unreviewed

CVE-2024-36556 was published Feb 6, 2025

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed

CVE-2025-26410 was published Feb 11, 2025

All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed

CVE-2023-30801 was published Oct 10, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... Critical Unreviewed

CVE-2023-28503 was published Mar 29, 2023

Insecure AES key in Yealink Configuration Encrypt Tool below verrsion 1.2. A single, vendorwide,... Critical Unreviewed

CVE-2024-24681 was published Feb 24, 2024

Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly... Critical Unreviewed

CVE-2024-51551 was published Dec 5, 2024

TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded... Critical Unreviewed

CVE-2024-57040 was published Feb 27, 2025

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials.... Critical Unreviewed

CVE-2024-50688 was published Feb 26, 2025

An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed

CVE-2025-1393 was published Mar 5, 2025

Prolink router PRS1841 was discovered to contain hardcoded credentials for its Telnet and FTP... Critical Unreviewed

CVE-2022-46637 was published Feb 21, 2023

A specific type of ArcGIS Enterprise deployment, is vulnerable to a Password Recovery... Critical Unreviewed

CVE-2025-2538 was published Mar 20, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials... Critical Unreviewed

CVE-2025-30113 was published Mar 18, 2025

An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that... Critical Unreviewed

CVE-2025-30122 was published Mar 18, 2025

An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded... Critical Unreviewed

CVE-2025-30123 was published Mar 18, 2025

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software... Critical Unreviewed

CVE-2022-45766 was published Feb 10, 2023

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for... Critical Unreviewed

CVE-2025-30137 was published Mar 18, 2025

Hard-coded JWT secret allows authentication bypass in Veeam Recovery Orchestrator Critical Unreviewed

CVE-2024-29855 was published Jun 11, 2024

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed

CVE-2024-41794 was published Apr 8, 2025

TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at ... Critical Unreviewed

CVE-2024-31810 was published May 14, 2024

Previous 1 2 … 20 21 22 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

584 advisories