GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
148 advisories
Filter by severity
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27160
was published
Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An...
Moderate
Unreviewed
CVE-2024-27161
was published
Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An...
Moderate
Unreviewed
CVE-2024-27159
was published
Jun 14, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass...
Moderate
Unreviewed
CVE-2023-39458
was published
May 3, 2024
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This...
Moderate
Unreviewed
CVE-2023-34284
was published
May 3, 2024
Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local...
Moderate
Unreviewed
CVE-2024-3130
was published
Apr 1, 2024
Encrypted database credentials in LaborOfficeFree affecting version 19.10. This vulnerability...
Moderate
Unreviewed
CVE-2024-1344
was published
Feb 19, 2024
IBM Storage Defender - Resiliency Service 2.0 contains hard-coded credentials, such as a password...
Moderate
Unreviewed
CVE-2024-22313
was published
Feb 10, 2024
Use of encryption key derived from static information in Synaptics Fingerprint Driver allows
an...
Moderate
Unreviewed
CVE-2023-6482
was published
Jan 27, 2024
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a...
Moderate
Unreviewed
CVE-2024-23453
was published
Jan 24, 2024
Hard-coded credentials in org.folio:mod-remote-storage
Moderate
CVE-2024-23685
was published
for
org.folio:mod-remote-storage
(Maven)
Jan 19, 2024
The secret value used for access to critical UDS services of the MIB3 infotainment is hardcoded...
Moderate
Unreviewed
CVE-2023-28897
was published
Jan 12, 2024
Flient Smart Door Lock v1.0 is vulnerable to Use of Default Credentials. Due to default...
Moderate
Unreviewed
CVE-2023-50124
was published
Jan 11, 2024
Apprite CLI makes Use of Hard-coded Credentials
Moderate
CVE-2023-50974
was published
for
appwrite
(npm)
Jan 9, 2024
IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or...
Moderate
Unreviewed
CVE-2023-50948
was published
Jan 8, 2024
An issue was discovered in Peplink Balance Two before 8.4.0. Console port authentication uses...
Moderate
Unreviewed
CVE-2023-49228
was published
Dec 28, 2023
Phlox com.phlox.simpleserver.plus (aka Simple HTTP Server PLUS) 1.8.1-plus has an Android...
Moderate
Unreviewed
CVE-2023-46918
was published
Dec 28, 2023
Phlox com.phlox.simpleserver (aka Simple HTTP Server) 1.8 and com.phlox.simpleserver.plus (aka...
Moderate
Unreviewed
CVE-2023-46919
was published
Dec 27, 2023
VR-S1000 firmware Ver. 2.37 and earlier uses a hard-coded cryptographic key which may allow an...
Moderate
Unreviewed
CVE-2023-46711
was published
Dec 26, 2023
In Pexip VMR self-service portal before 3, the same SSH host key is used across different...
Moderate
Unreviewed
CVE-2023-40236
was published
Dec 25, 2023
IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or...
Moderate
Unreviewed
CVE-2023-47704
was published
Dec 20, 2023
SmartStar Software CWS is a web-base integration platform, it has a vulnerability of using a hard...
Moderate
Unreviewed
CVE-2023-48374
was published
Dec 15, 2023
The FACSChorus software contains sensitive information stored in plaintext. A threat actor could...
Moderate
Unreviewed
CVE-2023-29064
was published
Nov 28, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 -...
Moderate
Unreviewed
CVE-2023-40719
was published
Nov 14, 2023
A use of hard-coded credentials vulnerability in Fortinet FortiClient Windows 7.0.0 - 7.0.9 and 7...
Moderate
Unreviewed
CVE-2023-33304
was published
Nov 14, 2023
ProTip!
Advisories are also available from the
GraphQL API