GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,358
Composer 4,819
Erlang 36
GitHub Actions 32
Go 2,410
Maven 5,802
npm 4,046
NuGet 723
pip 3,842
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,509

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,300 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was discovered in the storage policy for certain sets of encryption keys in the... Moderate Unreviewed

CVE-2025-37112 was published Jul 31, 2025

A vulnerability was discovered in the storage policy for certain sets of authentication keys in... Moderate Unreviewed

CVE-2025-37111 was published Jul 31, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed

CVE-2025-30125 was published Jul 28, 2025

Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed

CVE-2025-45466 was published Jul 25, 2025

A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and... Moderate Unreviewed

CVE-2021-22126 was published Mar 17, 2025

HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed

CVE-2025-31953 was published Jul 24, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54455 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54454 was published Jul 23, 2025

Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974... High Unreviewed

CVE-2025-34509 was published Jun 17, 2025

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants... High Unreviewed

CVE-2025-4130 was published Jul 21, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... Moderate Unreviewed

CVE-2025-4570 was published Jul 21, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... High Unreviewed

CVE-2025-4569 was published Jul 21, 2025

Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability... High Unreviewed

CVE-2025-4049 was published Jul 21, 2025

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22.... High Unreviewed

CVE-2025-7564 was published Jul 14, 2025

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( ... Moderate Unreviewed

CVE-2025-6982 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials... Moderate Unreviewed

CVE-2025-53754 was published Jul 16, 2025

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN... Moderate Unreviewed

CVE-2025-53842 was published Jul 16, 2025

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file... Moderate Unreviewed

CVE-2025-52363 was published Jul 14, 2025

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent... Critical Unreviewed

CVE-2024-38648 was published Jul 12, 2025

An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet... Critical Unreviewed

CVE-2025-7503 was published Jul 11, 2025

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-7401 was published Jul 11, 2025

Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed

CVE-2024-5722 was published Nov 22, 2024

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic... High Unreviewed

CVE-2025-5023 was published Jul 10, 2025

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded... Critical Unreviewed

CVE-2025-34034 was published Jun 26, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded... High Unreviewed

CVE-2025-49551 was published Jul 8, 2025

Previous 1 2 3 4 5 … 51 52 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,300 advisories