Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,328
Maven
5,000+
npm
3,965
NuGet
712
pip
3,745
Pub
12
RubyGems
921
Rust
974
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

190 advisories

Loading
WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2025-5751 was published Jun 6, 2025
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a... Moderate Unreviewed
CVE-2024-23453 was published Jan 24, 2024
A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This... Moderate Unreviewed
CVE-2025-5164 was published May 26, 2025
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed
CVE-2021-41320 was published May 24, 2022
Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an... Moderate Unreviewed
CVE-2025-4633 was published May 30, 2025
Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in... Moderate Unreviewed
CVE-2025-36572 was published May 28, 2025
Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This... Moderate Unreviewed
CVE-2025-41380 was published May 23, 2025
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... Moderate Unreviewed
CVE-2019-13543 was published May 24, 2022
There are several scripts in the web interface that are accessible via undocumented hard-coded... Moderate Unreviewed
CVE-2025-48414 was published May 21, 2025
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to... Moderate Unreviewed
CVE-2025-4876 was published May 19, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in... Moderate Unreviewed
CVE-2024-13688 was published Apr 28, 2025
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to... Moderate Unreviewed
CVE-2025-27488 was published May 13, 2025
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an... Moderate Unreviewed
CVE-2025-47730 was published May 8, 2025
CWE-798: Use of Hard-coded Credentials Moderate Unreviewed
CVE-2025-23179 was published Apr 29, 2025
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9649 was published May 13, 2022
A Use of Hard-Coded Password issue was discovered in Phoenix Broadband PowerAgent SC3 BMS, all... Moderate Unreviewed
CVE-2017-6039 was published May 13, 2022
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. A... Moderate Unreviewed
CVE-2024-22083 was published Mar 20, 2024
Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data. Moderate Unreviewed
CVE-2023-41611 was published Sep 18, 2024
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to... Moderate Unreviewed
CVE-2022-48067 was published Jan 27, 2023
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed
CVE-2025-30109 was published Mar 18, 2025
IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0 was discovered to contain hardcoded root... Moderate Unreviewed
CVE-2024-57790 was published Feb 14, 2025
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local... Moderate Unreviewed
CVE-2024-3130 was published Apr 1, 2024
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed
CVE-2024-28989 was published Feb 11, 2025
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard... Moderate Unreviewed
CVE-2024-21990 was published Apr 17, 2024
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Moderate Unreviewed
CVE-2024-50690 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database