Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

559 advisories

Loading
The affected devices use publicly available default credentials with administrative privileges. Critical Unreviewed
CVE-2023-39169 was published Dec 7, 2023
Unitronics Vision Series PLCs and HMIs use default administrative passwords. An unauthenticated... Critical Unreviewed
CVE-2023-6448 was published Dec 5, 2023
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials... Critical Unreviewed
CVE-2023-23324 was published Nov 29, 2023
First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated... Critical Unreviewed
CVE-2023-47213 was published Nov 16, 2023
Natus NeuroWorks and SleepWorks before 8.4 GMA3 utilize a default password of xltek for the... Critical Unreviewed
CVE-2023-47800 was published Nov 10, 2023
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is... Critical Unreviewed
CVE-2023-5777 was published Nov 6, 2023
VinChin Backup & Recovery v5.0.*, v6.0.*, v6.7.*, and v7.0.* was discovered to contain hardcoded... Critical Unreviewed
CVE-2023-45499 was published Oct 27, 2023
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/... Critical Unreviewed
CVE-2018-17558 was published Oct 27, 2023
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed
CVE-2023-42492 was published Oct 25, 2023
Sureness uses hardcoded key Critical
CVE-2023-31581 was published for com.usthe.sureness:sureness-core (Maven) Oct 25, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2022-22466 was published Oct 23, 2023
IBM Security Verify Governance 10.0 contains hard-coded credentials, such as a password or... Critical Unreviewed
CVE-2023-33836 was published Oct 16, 2023
All versions of the qBittorrent client through 4.5.5 use default credentials when the web user... Critical Unreviewed
CVE-2023-30801 was published Oct 10, 2023
Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information... Critical Unreviewed
CVE-2023-2306 was published Oct 5, 2023
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to... Critical Unreviewed
CVE-2023-20101 was published Oct 4, 2023
Plaintext credential usage vulnerability in Sage 200 Spain 2023.38.001 version, the exploitation... Critical Unreviewed
CVE-2023-2809 was published Oct 4, 2023
Use of a static key to protect a JWT token used in user authentication can allow an for an... Critical Unreviewed
CVE-2023-5074 was published Sep 20, 2023
** UNSUPPPORTED WHEN ASSIGNED ** Devices ekorCCP and ekorRCI are vulnerable due to access to the... Critical Unreviewed
CVE-2022-47558 was published Sep 19, 2023
An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-42336 was published Sep 16, 2023
i-doit pro 25 and below and I-doit open 25 and below are configured with insecure default... Critical Unreviewed
CVE-2023-37755 was published Sep 14, 2023
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates... Critical Unreviewed
CVE-2023-39422 was published Sep 7, 2023
A hard coded password in Super Store Finder v3.6 allows attackers to access the administration... Critical Unreviewed
CVE-2023-41508 was published Sep 5, 2023
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site... Critical Unreviewed
CVE-2023-23770 was published Aug 29, 2023
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An... Critical Unreviewed
CVE-2023-38026 was published Aug 28, 2023
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of using hard-coded... Critical Unreviewed
CVE-2023-38024 was published Aug 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database