Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

414 advisories

Loading
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of... High Unreviewed
CVE-2023-39421 was published Sep 7, 2023
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user... High Unreviewed
CVE-2023-39420 was published Sep 7, 2023
Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions... High Unreviewed
CVE-2023-32619 was published Sep 6, 2023
Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL... High Unreviewed
CVE-2023-31173 was published Aug 31, 2023
Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed
CVE-2023-23771 was published Aug 29, 2023
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote... High Unreviewed
CVE-2023-4419 was published Aug 24, 2023
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were... High Unreviewed
CVE-2023-37426 was published Aug 22, 2023
An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed
CVE-2023-22956 was published Aug 11, 2023
An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due... High Unreviewed
CVE-2023-22957 was published Aug 11, 2023
In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... High Unreviewed
CVE-2023-37857 was published Aug 9, 2023
Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on... High Unreviewed
CVE-2023-21652 was published Aug 8, 2023
Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow... High Unreviewed
CVE-2023-38433 was published Jul 26, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed
CVE-2023-34123 was published Jul 13, 2023
A support user exists on the device and appears to be a backdoor for Technical Support staff. The... High Unreviewed
CVE-2022-47209 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded... High Unreviewed
CVE-2023-34473 was published Jul 5, 2023
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded... High Unreviewed
CVE-2023-36623 was published Jul 5, 2023
Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code... High Unreviewed
CVE-2023-32274 was published Jun 20, 2023
An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN... High Unreviewed
CVE-2023-25187 was published Jun 16, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed
CVE-2023-2637 was published Jun 13, 2023
Hitron CODA-5310 has hard-coded encryption/decryption keys in the program code. A remote attacker... High Unreviewed
CVE-2022-47617 was published Jun 2, 2023
Use of Hard-coded Password vulnerability in FTP function on Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-2061 was published Jun 2, 2023
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider... High Unreviewed
CVE-2023-28937 was published Jun 1, 2023
ROZCOM client CWE-798: Use of Hard-coded Credentials High Unreviewed
CVE-2023-31184 was published May 30, 2023
This vulnerability enables ssh access to minikube container using a default password. High Unreviewed
CVE-2023-1944 was published May 24, 2023
ProTip! Advisories are also available from the GraphQL API