GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,002
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
850
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
17 advisories
Filter by severity
Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service...
Low
Unreviewed
CVE-2022-0131
was published
Jan 18, 2022
Hard-coded credentials in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the...
Low
Unreviewed
CVE-2020-25168
was published
Apr 15, 2022
Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4...
Low
Unreviewed
CVE-2018-5552
was published
May 13, 2022
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption...
Low
Unreviewed
CVE-2020-6857
was published
May 24, 2022
An exploitable use of hard-coded credentials vulnerability exists in multiple iw_* utilities of...
Low
Unreviewed
CVE-2019-5139
was published
May 24, 2022
A CWE-321: Use of hard-coded cryptographic key stored in cleartext vulnerability exists in...
Low
Unreviewed
CVE-2020-7515
was published
May 24, 2022
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were...
Low
Unreviewed
CVE-2020-25688
was published
May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard coded credentials which could...
Low
Unreviewed
CVE-2019-4309
was published
May 24, 2022
RTL8111EP-CG/RTL8111FP-CG DASH function has hard-coded password. An unauthenticated physical...
Low
Unreviewed
CVE-2022-32967
was published
Nov 29, 2022
There is an improper authentication vulnerability in Pandora FMS v764. The application verifies...
Low
Unreviewed
CVE-2022-43978
was published
Jan 28, 2023
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3...
Low
Unreviewed
CVE-2023-28895
was published
Dec 1, 2023
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719....
Low
Unreviewed
CVE-2024-1661
was published
Feb 20, 2024
A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as...
Low
Unreviewed
CVE-2024-7155
was published
Jul 28, 2024
A hardcoded AES key in PMFW may result in a privileged attacker gaining access to the key,...
Low
Unreviewed
CVE-2023-20512
was published
Aug 13, 2024
Dell PowerScale InsightIQ, version 5.0, contain a Use of hard coded Credentials vulnerability. A...
Low
Unreviewed
CVE-2024-39582
was published
Sep 10, 2024
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up...
Low
Unreviewed
CVE-2024-10748
was published
Nov 4, 2024
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as...
Low
Unreviewed
CVE-2024-10920
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API