Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,768
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

570 advisories

Loading
A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed
CVE-2025-3321 was published Jun 6, 2025
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed
CVE-2025-20188 was published May 7, 2025
The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and... Critical Unreviewed
CVE-2025-46352 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded... Critical Unreviewed
CVE-2025-48748 was published May 29, 2025
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed
CVE-2024-51547 was published Feb 6, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed
CVE-2025-45746 was published May 13, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34441 was published Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34440 was published Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34442 was published Jan 18, 2023
In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed
CVE-2025-4041 was published May 6, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR... Critical Unreviewed
CVE-2025-32985 was published Apr 25, 2025
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,... Critical Unreviewed
CVE-2025-46274 was published Apr 25, 2025
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain... Critical Unreviewed
CVE-2025-46273 was published Apr 25, 2025
Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed
CVE-2025-28230 was published Apr 21, 2025
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC use... Critical Unreviewed
CVE-2017-3186 was published May 13, 2022
ACTi cameras including the D, B, I, and E series using firmware version A1D-500-V6.11.31-AC fail... Critical Unreviewed
CVE-2017-3184 was published May 13, 2022
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior... Critical Unreviewed
CVE-2017-9957 was published May 17, 2022
Multiple hardcoded credentials in Xsuite 2.x. Critical Unreviewed
CVE-2015-4667 was published May 14, 2022
The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to... Critical Unreviewed
CVE-2017-14143 was published May 14, 2022
The Epson "EasyMP" software is designed to remotely stream a users computer to supporting... Critical Unreviewed
CVE-2017-12860 was published May 13, 2022
Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative... Critical Unreviewed
CVE-2017-3222 was published May 13, 2022
A hard-coded password issue was discovered in Becton, Dickinson and Company (BD) PerformA,... Critical Unreviewed
CVE-2017-6022 was published May 13, 2022
A Hard-Coded Passwords issue was discovered in Marel Food Processing Systems M3000 terminal... Critical Unreviewed
CVE-2016-9358 was published May 13, 2022
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of... Critical Unreviewed
CVE-2015-7246 was published May 17, 2022
DragonWave Horizon 1.01.03 wireless radios have hardcoded login credentials (such as the username... Critical Unreviewed
CVE-2017-7576 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database