GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,179 advisories
Filter by severity
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This...
Moderate
Unreviewed
CVE-2024-7170
was published
Jul 29, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as...
Low
Unreviewed
CVE-2024-7155
was published
Jul 28, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA...
Moderate
Unreviewed
CVE-2024-41689
was published
Jul 26, 2024
Use of hard-coded MSSQL credentials in PerkinElmer ProcessPlus on Windows allows an attacker to...
Critical
Unreviewed
CVE-2024-6912
was published
Jul 22, 2024
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover...
High
Unreviewed
CVE-2024-5471
was published
Jul 17, 2024
Tenda i29V1.0 V1.0.0.5 was discovered to contain a hardcoded password for root.
Critical
Unreviewed
CVE-2024-35338
was published
Jul 16, 2024
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS...
Critical
Unreviewed
CVE-2024-28747
was published
Jul 9, 2024
A hard-coded password vulnerability exists in the telnetd functionality of LevelOne WBR-6013...
Critical
Unreviewed
CVE-2023-46685
was published
Jul 8, 2024
mySCADA myPRO
uses a hard-coded password which could allow an attacker to remotely execute code...
Critical
Unreviewed
CVE-2024-4708
was published
Jul 3, 2024
Hardcoded credentials are discovered within the application's source code, creating a potential...
Critical
Unreviewed
CVE-2023-41919
was published
Jul 2, 2024
"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an...
Moderate
Unreviewed
CVE-2024-38480
was published
Jul 1, 2024
luci-app-lucky v2.8.3 was discovered to contain hardcoded credentials.
Critical
Unreviewed
CVE-2024-39208
was published
Jun 27, 2024
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account...
Critical
Unreviewed
CVE-2024-39374
was published
Jun 27, 2024
A hardcoded privileged ID within Lumisxp v15.0.x to v16.1.x allows attackers to bypass...
Unknown
Unreviewed
CVE-2024-33329
was published
Jun 26, 2024
A vulnerability in the default configuration of the Simple Network
Management Protocol (SNMP)...
High
Unreviewed
CVE-2024-5460
was published
Jun 26, 2024
Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User...
Critical
Unreviewed
CVE-2023-6198
was published
Jun 25, 2024
The configuration file is encrypted with a static key derived from a
static five-character...
High
Unreviewed
CVE-2024-36496
was published
Jun 24, 2024
Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier...
Critical
Unreviewed
CVE-2024-36480
was published
Jun 19, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor....
High
Unreviewed
CVE-2024-6045
was published
Jun 17, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password.
Critical
Unreviewed
CVE-2024-38466
was published
Jun 16, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these...
High
Unreviewed
CVE-2024-27168
was published
Jun 14, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the...
High
Unreviewed
CVE-2024-27170
was published
Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27160
was published
Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An...
Moderate
Unreviewed
CVE-2024-27161
was published
Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27159
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API