GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,614
Composer 4,714
Erlang 34
GitHub Actions 28
Go 2,301
Maven 5,576
npm 3,942
NuGet 711
pip 3,711
Pub 12
RubyGems 920
Rust 960
Swift 38

Unreviewed advisories

All unreviewed 257,070

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

582 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed

CVE-2025-45746 was published May 13, 2025

A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed

CVE-2025-20188 was published May 7, 2025

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed

CVE-2025-4041 was published May 6, 2025

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR... Critical Unreviewed

CVE-2025-32985 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain... Critical Unreviewed

CVE-2025-46273 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,... Critical Unreviewed

CVE-2025-46274 was published Apr 25, 2025

Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed

CVE-2025-28230 was published Apr 21, 2025

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed

CVE-2024-41794 was published Apr 8, 2025

Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed

CVE-2025-30406 was published Apr 3, 2025

A specific type of ArcGIS Enterprise deployment, is vulnerable to a Password Recovery... Critical Unreviewed

CVE-2025-2538 was published Mar 20, 2025

An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for... Critical Unreviewed

CVE-2025-30137 was published Mar 18, 2025

An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that... Critical Unreviewed

CVE-2025-30122 was published Mar 18, 2025

An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded... Critical Unreviewed

CVE-2025-30123 was published Mar 18, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials... Critical Unreviewed

CVE-2025-30113 was published Mar 18, 2025

An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed

CVE-2025-1393 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27643 was published Mar 5, 2025

TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded... Critical Unreviewed

CVE-2024-57040 was published Feb 27, 2025

SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials.... Critical Unreviewed

CVE-2024-50688 was published Feb 26, 2025

The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed

CVE-2025-26410 was published Feb 11, 2025

Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever... Critical Unreviewed

CVE-2024-36556 was published Feb 6, 2025

Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed

CVE-2024-51547 was published Feb 6, 2025

EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed

CVE-2024-53356 was published Feb 1, 2025

HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed

CVE-2024-48126 was published Jan 15, 2025

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

Use of a hard-coded password for a database administrator account created during Wapro ERP... Critical Unreviewed

CVE-2024-4996 was published Dec 18, 2024

Previous 1 2 3 4 5 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

582 advisories