Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

168 advisories

Loading
Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow... Moderate Unreviewed
CVE-2018-9195 was published May 24, 2022
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account... Moderate Unreviewed
CVE-2020-15318 was published May 24, 2022
The NetApp HCI H610S Baseboard Management Controller (BMC) is shipped with a documented default... Moderate Unreviewed
CVE-2020-8573 was published May 24, 2022
JINS MEME CORE Firmware version 2.2.0 and earlier uses a hard-coded cryptographic key, which may... Moderate Unreviewed
CVE-2023-27921 was published May 23, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... Moderate Unreviewed
CVE-2023-33920 was published Jun 13, 2023
"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4... Moderate Unreviewed
CVE-2023-28387 was published Jun 30, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed
CVE-2023-35763 was published Jul 18, 2023
Use of hard-coded credentials in some Intel(R) Unison(TM) software before version 10.12 may allow... Moderate Unreviewed
CVE-2022-44612 was published Aug 11, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded... Moderate Unreviewed
CVE-2023-3262 was published Aug 14, 2023
A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models... Moderate Unreviewed
CVE-2022-3744 was published Aug 23, 2023
Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which... Moderate Unreviewed
CVE-2023-27169 was published Sep 12, 2023
Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03 and earlier, and MR-GM3 ... Moderate Unreviewed
CVE-2023-45194 was published Oct 11, 2023
Use of a hard-coded cryptographic key to cipher sensitive data in FortiOS configuration backup... Moderate Unreviewed
CVE-2019-6693 was published May 24, 2022
Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that is used during an... Moderate Unreviewed
CVE-2019-13399 was published May 24, 2022
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This... Moderate Unreviewed
CVE-2023-34284 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass... Moderate Unreviewed
CVE-2023-39458 was published May 3, 2024
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with... Moderate Unreviewed
CVE-2021-41320 was published May 24, 2022
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite... Moderate Unreviewed
CVE-2024-22813 was published Apr 22, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27159 was published Jun 14, 2024
All the Toshiba printers contain a shell script using the same hardcoded key to encrypt logs. An... Moderate Unreviewed
CVE-2024-27160 was published Jun 14, 2024
all the Toshiba printers have programs containing a hardcoded key used to encrypt files. An... Moderate Unreviewed
CVE-2024-27161 was published Jun 14, 2024
This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA... Moderate Unreviewed
CVE-2024-41689 was published Jul 26, 2024
A vulnerability was found in TOTOLINK A3000RU 5.9c.5185. It has been rated as problematic. This... Moderate Unreviewed
CVE-2024-7170 was published Jul 29, 2024
Identical Hardcoded Root Password for All Devices in GNCC's GC2 Indoor Security Camera 1080P... Moderate Unreviewed
CVE-2024-31798 was published Aug 15, 2024
A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-8005 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database