GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,381
Composer 4,822
Erlang 36
GitHub Actions 32
Go 2,413
Maven 5,809
npm 4,052
NuGet 723
pip 3,844
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,828

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

598 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed

CVE-2025-51536 was published Aug 4, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed

CVE-2025-30125 was published Jul 28, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54455 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54454 was published Jul 23, 2025

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent... Critical Unreviewed

CVE-2024-38648 was published Jul 12, 2025

An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet... Critical Unreviewed

CVE-2025-7503 was published Jul 11, 2025

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-7401 was published Jul 11, 2025

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing... Critical Unreviewed

CVE-2025-37103 was published Jul 8, 2025

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials. Critical Unreviewed

CVE-2025-45813 was published Jul 2, 2025

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified... Critical Unreviewed

CVE-2025-20309 was published Jul 2, 2025

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded... Critical Unreviewed

CVE-2025-34034 was published Jun 26, 2025

D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including... Critical Unreviewed

CVE-2025-45784 was published Jun 18, 2025

OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. Critical Unreviewed

CVE-2025-28388 was published Jun 13, 2025

A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed

CVE-2025-3321 was published Jun 6, 2025

The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and... Critical Unreviewed

CVE-2025-46352 was published May 30, 2025

Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded... Critical Unreviewed

CVE-2025-48748 was published May 29, 2025

In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed

CVE-2025-45746 was published May 13, 2025

A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed

CVE-2025-20188 was published May 7, 2025

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed

CVE-2025-4041 was published May 6, 2025

NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR... Critical Unreviewed

CVE-2025-32985 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain... Critical Unreviewed

CVE-2025-46273 was published Apr 25, 2025

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,... Critical Unreviewed

CVE-2025-46274 was published Apr 25, 2025

Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed

CVE-2025-28230 was published Apr 21, 2025

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed

CVE-2024-41794 was published Apr 8, 2025

Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed

CVE-2025-30406 was published Apr 3, 2025

Previous 1 2 3 4 5 … 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

598 advisories