Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

486 advisories

Loading
Hardcoded credentials in default configuration of PPress 0.0.9. High Unreviewed
CVE-2025-52159 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951,... High Unreviewed
CVE-2025-34197 was published Sep 19, 2025
Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic... High Unreviewed
CVE-2025-5023 was published Jul 10, 2025
Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3... High Unreviewed
CVE-2024-48842 was published Sep 17, 2025
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-57577 was published Sep 12, 2025
An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2025-57578 was published Sep 12, 2025
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to... High Unreviewed
CVE-2025-57579 was published Sep 12, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1... High Unreviewed
CVE-2014-9198 was published May 14, 2022
hippo4j Includes Hard Coded Secret Key in JWT Creation High
CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed
CVE-2025-45466 was published Jul 25, 2025
HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed
CVE-2025-31953 was published Jul 24, 2025
Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974... High Unreviewed
CVE-2025-34509 was published Jun 17, 2025
Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants... High Unreviewed
CVE-2025-4130 was published Jul 21, 2025
An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... High Unreviewed
CVE-2025-4569 was published Jul 21, 2025
Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability... High Unreviewed
CVE-2025-4049 was published Jul 21, 2025
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22.... High Unreviewed
CVE-2025-7564 was published Jul 14, 2025
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed
CVE-2024-5722 was published Nov 22, 2024
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded... High Unreviewed
CVE-2025-49551 was published Jul 8, 2025
A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The... High Unreviewed
CVE-2025-52492 was published Jul 7, 2025
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded... High Unreviewed
CVE-2012-6428 was published May 17, 2022
The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated... High Unreviewed
CVE-2025-35940 was published Jun 10, 2025
An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704. It uses... High Unreviewed
CVE-2019-7161 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database