Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

598 advisories

Loading
Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed
CVE-2025-51536 was published Aug 4, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed
CVE-2025-30125 was published Jul 28, 2025
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed
CVE-2025-54455 was published Jul 23, 2025
Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed
CVE-2025-54454 was published Jul 23, 2025
A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent... Critical Unreviewed
CVE-2024-38648 was published Jul 12, 2025
An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet... Critical Unreviewed
CVE-2025-7503 was published Jul 11, 2025
The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2025-7401 was published Jul 11, 2025
A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded... Critical Unreviewed
CVE-2025-34034 was published Jun 26, 2025
Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing... Critical Unreviewed
CVE-2025-37103 was published Jul 8, 2025
ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials. Critical Unreviewed
CVE-2025-45813 was published Jul 2, 2025
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified... Critical Unreviewed
CVE-2025-20309 was published Jul 2, 2025
Root user password is hardcoded into the device and cannot be changed in the user interface. Critical Unreviewed
CVE-2023-49253 was published Jan 12, 2024
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including... Critical Unreviewed
CVE-2025-45784 was published Jun 18, 2025
OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. Critical Unreviewed
CVE-2025-28388 was published Jun 13, 2025
A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed
CVE-2025-3321 was published Jun 6, 2025
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE... Critical Unreviewed
CVE-2025-20188 was published May 7, 2025
The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and... Critical Unreviewed
CVE-2025-46352 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded... Critical Unreviewed
CVE-2025-48748 was published May 29, 2025
Hard-coded credentials in org.folio:mod-data-export-spring Critical
CVE-2024-23687 was published for org.folio:mod-data-export-spring (Maven) Jan 20, 2024
Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise, ABB NEXUS Series, ABB... Critical Unreviewed
CVE-2024-51547 was published Feb 6, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed
CVE-2025-45746 was published May 13, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34441 was published Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34442 was published Jan 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34440 was published Jan 11, 2023
In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed
CVE-2025-4041 was published May 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database