Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,159 advisories

Loading
The configuration file is encrypted with a static key derived from a static five-character... High Unreviewed
CVE-2024-36496 was published Jun 24, 2024
Use of hard-coded credentials issue exists in Ricoh Streamline NX PC Client ver.3.7.2 and earlier... Critical Unreviewed
CVE-2024-36480 was published Jun 19, 2024
Certain models of D-Link wireless routers contain an undisclosed factory testing backdoor.... High Unreviewed
CVE-2024-6045 was published Jun 17, 2024
Shenzhen Guoxin Synthesis image system before 8.3.0 has a 123456Qw default password. Critical Unreviewed
CVE-2024-38466 was published Jun 16, 2024
It was observed that all the Toshiba printers contain credentials used for WebDAV access in the... High Unreviewed
CVE-2024-27170 was published Jun 14, 2024
It appears that some hardcoded keys are used for authentication to internal API. Knowing these... High Unreviewed
CVE-2024-27168 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27159 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27160 was published Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed
CVE-2024-27161 was published Jun 14, 2024
D-Link DIR-605L v2.13B01 was discovered to contain a hardcoded password vulnerability in /etc... High Unreviewed
CVE-2024-37630 was published Jun 13, 2024
An attacker can access the maintenance console using hard coded credentials for a hidden wireless... High Unreviewed
CVE-2024-38281 was published Jun 13, 2024
CWE-798: Use of hard-coded credentials vulnerability exists that could cause local privilege... High Unreviewed
CVE-2024-0865 was published Jun 12, 2024
Apache Submarine Commons Utils has a hard-coded secret Moderate
CVE-2024-36264 was published for apache-submarine (Maven) Jun 12, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-1228 was published Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-3699 was published Jun 10, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive... Critical Unreviewed
CVE-2024-3700 was published Jun 10, 2024
Precor touchscreen console P82 contains a private SSH key that corresponds to a default public... High Unreviewed
CVE-2023-49222 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-49223 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 contains a default SSH public key in the... High Unreviewed
CVE-2023-49224 was published Jun 7, 2024
Precor touchscreen console P62, P80, and P82 could allow a remote attacker (within the local... High Unreviewed
CVE-2023-49221 was published Jun 7, 2024
Authentication bypass in dtale High
CVE-2024-3408 was published for dtale (pip) Jun 6, 2024
Dell PowerScale OneFS versions 8.2.x through 9.8.0.x contain a use of hard coded credentials... High Unreviewed
CVE-2024-29170 was published Jun 4, 2024
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in ... Critical Unreviewed
CVE-2024-36782 was published Jun 3, 2024
'OfferBox' App for Android versions 2.0.0 to 2.3.17 and 'OfferBox' App for iOS versions 2.1.7 to... High Unreviewed
CVE-2024-32988 was published May 22, 2024
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator (ePO) on Premise prior to 5... High Unreviewed
CVE-2024-4844 was published May 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database