Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,722
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

187 advisories

Loading
Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in... Moderate Unreviewed
CVE-2025-36572 was published May 28, 2025
Iridium Certus 700 version 1.0.1 has an embedded credentials vulnerability in the code. This... Moderate Unreviewed
CVE-2025-41380 was published May 23, 2025
There are several scripts in the web interface that are accessible via undocumented hard-coded... Moderate Unreviewed
CVE-2025-48414 was published May 21, 2025
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to... Moderate Unreviewed
CVE-2025-4876 was published May 19, 2025
Use of hard-coded credentials in Windows Hardware Lab Kit allows an authorized attacker to... Moderate Unreviewed
CVE-2025-27488 was published May 13, 2025
The TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an... Moderate Unreviewed
CVE-2025-47730 was published May 8, 2025
CWE-798: Use of Hard-coded Credentials Moderate Unreviewed
CVE-2025-23179 was published Apr 29, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in... Moderate Unreviewed
CVE-2024-13688 was published Apr 28, 2025
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed
CVE-2025-30109 was published Mar 18, 2025
IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0 was discovered to contain hardcoded root... Moderate Unreviewed
CVE-2024-57790 was published Feb 14, 2025
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed
CVE-2024-28989 was published Feb 11, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that... Moderate Unreviewed
CVE-2024-50692 was published Jan 25, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Moderate Unreviewed
CVE-2024-50690 was published Jan 25, 2025
Flawed token generation implementation & Hard-coded key implementation Moderate Unreviewed
CVE-2024-55927 was published Jan 23, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure... Moderate Unreviewed
CVE-2024-28778 was published Jan 7, 2025
Dell RecoverPoint for Virtual Machines 6.0.x contains use of hard-coded credentials vulnerability... Moderate Unreviewed
CVE-2024-48007 was published Dec 13, 2024
A vulnerability in the SonicWall SMA100 SSLVPN firmware 10.2.1.13-72sv and earlier versions... Moderate Unreviewed
CVE-2024-45319 was published Dec 5, 2024
A hardcoded decryption key in Thinkware Cloud APK v4.3.46 allows attackers to access sensitive... Moderate Unreviewed
CVE-2024-53614 was published Dec 4, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain a hardcoded... Moderate Unreviewed
CVE-2024-40410 was published Nov 14, 2024
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated... Moderate Unreviewed
CVE-2024-11026 was published Nov 9, 2024
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in... Moderate Unreviewed
CVE-2024-5764 was published Oct 23, 2024
MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded... Moderate Unreviewed
CVE-2024-4740 was published Oct 18, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with... Moderate Unreviewed
CVE-2024-20280 was published Oct 16, 2024
Certain switch models from PLANET Technology have a Hard-coded Credential in the password... Moderate Unreviewed
CVE-2024-8449 was published Sep 30, 2024
Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2024-23958 was published Sep 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database