GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,212 advisories
TeleAdapt RoomCast TA-2400 1.0 through 3.1 suffers from Use of a Hard-coded Password (PIN):...
Critical | Unreviewed | CVE-2023-33744 was published Jul 27, 2023

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow...
High | Unreviewed | CVE-2023-38433 was published Jul 26, 2023

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An...
Critical | Unreviewed | CVE-2023-37291 was published Jul 21, 2023

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate | Unreviewed | CVE-2023-35763 was published Jul 18, 2023

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High | Unreviewed | CVE-2023-34123 was published Jul 13, 2023

SmartSoft SmartBPM.NET has a vulnerability of using hard-coded machine key. An unauthenticated...
Critical | Unreviewed | CVE-2023-37286 was published Jul 10, 2023

SmartBPM.NET has a vulnerability of using hard-coded authentication key. An unauthenticated...
Critical | Unreviewed | CVE-2023-37287 was published Jul 10, 2023

PiiGAB M-Bus contains hard-coded credentials which it uses for authentication.
Critical | Unreviewed | CVE-2023-35987 was published Jul 7, 2023

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious...
Critical | Unreviewed | CVE-2023-2158 was published Jul 6, 2023

Electra Central AC unit – Hardcoded Credentials in unspecified code used by the unit.
Critical | Unreviewed | CVE-2023-24501 was published Jul 6, 2023

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2...
Critical | Unreviewed | CVE-2022-45444 was published Jul 6, 2023

A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High | Unreviewed | CVE-2022-47209 was published Jul 6, 2023

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded...
High | Unreviewed | CVE-2023-36623 was published Jul 5, 2023

AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded...
Critical | Unreviewed | CVE-2023-34338 was published Jul 5, 2023

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded...
High | Unreviewed | CVE-2023-34473 was published Jul 5, 2023

"NewsPicks" App for Android versions 10.4.5 and earlier and "NewsPicks" App for iOS versions 10.4...
Moderate | Unreviewed | CVE-2023-28387 was published Jun 30, 2023

Advantech R-SeeNet versions 2.4.22 is installed with a hidden root-level user that is not...
Critical | Unreviewed | CVE-2023-2611 was published Jun 22, 2023

Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code...
High | Unreviewed | CVE-2023-32274 was published Jun 20, 2023

A security vulnerability in HPE Insight Remote Support may result in the local disclosure of...
Moderate | Unreviewed | CVE-2023-30904 was published Jun 16, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN...
High | Unreviewed | CVE-2023-25187 was published Jun 16, 2023

A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects...
Moderate | Unreviewed | CVE-2023-3237 was published Jun 14, 2023

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High | Unreviewed | CVE-2023-2637 was published Jun 13, 2023

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
Moderate | Unreviewed | CVE-2023-33920 was published Jun 13, 2023

Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker...
High | Unreviewed | CVE-2022-47617 was published Jun 2, 2023

Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation...
High | Unreviewed | CVE-2023-2061 was published Jun 2, 2023