GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,127 advisories
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as...
Moderate | Unreviewed | CVE-2024-10451 was published Nov 25, 2024

A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated...
Moderate | Unreviewed | CVE-2024-11026 was published Nov 9, 2024

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as...
Low | Unreviewed | CVE-2024-10920 was published Nov 6, 2024

Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro...
High | Unreviewed | CVE-2024-52788 was published Nov 19, 2024

Tenda W30E v2.0 V16.01.0.8 was discovered to contain a hardcoded password vulnerability in ...
High | Unreviewed | CVE-2024-52789 was published Nov 19, 2024

Allegra Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows...
Critical | Unreviewed | CVE-2023-51638 was published Nov 22, 2024

The Versa Director uses PostgreSQL (Postgres) to store operational and configuration data. It is...
Critical | Unreviewed | CVE-2024-42450 was published Nov 19, 2024

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'...
High | Unreviewed | CVE-2020-12627 was published May 24, 2022

Azure Stack HCI Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-49060 was published Nov 15, 2024

The Clinician Password and Serial Number Clinician Password are hard-coded into the ventilator in...
Critical | Unreviewed | CVE-2024-48971 was published Nov 15, 2024

In Progress® Telerik® Report Server versions prior to 2024 Q4 (10.3.24.1112), the encryption of...
High | Unreviewed | CVE-2024-7295 was published Nov 13, 2024

"Piccoma" App for Android and iOS versions prior to 6.20.0 uses a hard-coded API key for an...
Moderate | Unreviewed | CVE-2024-38480 was published Jul 1, 2024

An attacker with local access to the medical office computer can access restricted functions of...
High | Unreviewed | CVE-2024-50593 was published Nov 8, 2024

Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in...
Moderate | Unreviewed | CVE-2024-5764 was published Oct 23, 2024

A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up...
Low | Unreviewed | CVE-2024-10748 was published Nov 4, 2024

LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily...
Critical | Unreviewed | CVE-2024-51431 was published Nov 1, 2024

A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100,...
Critical | Unreviewed | CVE-2024-20412 was published Oct 23, 2024

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Data is sent between...
Moderate | Unreviewed | CVE-2024-45165 was published Aug 22, 2024

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with...
Moderate | Unreviewed | CVE-2024-20280 was published Oct 16, 2024

An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to...
High | Unreviewed | CVE-2023-37608 was published Jan 3, 2024

A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,...
Low | Unreviewed | CVE-2023-20512 was published Aug 13, 2024

A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows...
High | Unreviewed | CVE-2024-28875 was published Oct 30, 2024

A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows...
High | Unreviewed | CVE-2024-31151 was published Oct 30, 2024

IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950.00 through FW950.C0, FW1030...
Critical | Unreviewed | CVE-2024-45656 was published Oct 29, 2024

** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-890L 1.20b01 allows attackers to execute arbitrary...
High | Unreviewed | CVE-2022-29778 was published Jun 4, 2022
ProTip! Advisories are also available from the GraphQL API.