Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,217 advisories

Loading
An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed
CVE-2025-1393 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27643 was published Mar 5, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed
CVE-2025-1879 was published Mar 3, 2025
Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control... High Unreviewed
CVE-2024-9334 was published Feb 27, 2025
TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded... Critical Unreviewed
CVE-2024-57040 was published Feb 27, 2025
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials.... Critical Unreviewed
CVE-2024-50688 was published Feb 26, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application... High Unreviewed
CVE-2024-52902 was published Feb 19, 2025
Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows... High Unreviewed
CVE-2024-8893 was published Feb 14, 2025
The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed
CVE-2025-26410 was published Feb 11, 2025
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed
CVE-2024-28989 was published Feb 11, 2025
Certain models of routers from Billion Electric has hard-coded embedded linux credentials,... High Unreviewed
CVE-2025-1143 was published Feb 11, 2025
Hardcoded credentials in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote attackers to... High Unreviewed
CVE-2024-46436 was published Feb 10, 2025
A default credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated remote... High Unreviewed
CVE-2024-46433 was published Feb 10, 2025
A hardcoded credentials vulnerability in Tenda W18E V16.01.0.8(1625) allows unauthenticated... High Unreviewed
CVE-2024-46429 was published Feb 10, 2025
Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever... Critical Unreviewed
CVE-2024-36556 was published Feb 6, 2025
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed
CVE-2024-51547 was published Feb 6, 2025
EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the... Critical Unreviewed
CVE-2024-53356 was published Feb 1, 2025
In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption keys used to encrypt... High Unreviewed
CVE-2024-53357 was published Feb 1, 2025
An issue was discovered in DTEX DEC-M (DTEX Forwarder) 6.1.1. The com.dtexsystems.helper service,... High Unreviewed
CVE-2024-55968 was published Jan 29, 2025
AutoLib Software Systems OPAC v20.10 was discovered to have multiple API keys exposed within the... High Unreviewed
CVE-2024-48310 was published Jan 29, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that... Moderate Unreviewed
CVE-2024-50692 was published Jan 25, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Moderate Unreviewed
CVE-2024-50690 was published Jan 25, 2025
ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model... High Unreviewed
CVE-2024-11147 was published Jan 23, 2025
Flawed token generation implementation & Hard-coded key implementation Moderate Unreviewed
CVE-2024-55927 was published Jan 23, 2025
Hard-coded credentials were included as part of the application binary. These credentials served... Low Unreviewed
CVE-2024-45832 was published Jan 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database