GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,914

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

413 advisories

Filter by severity

Sort by

Least recently updated

Vulnerability in the Elasticsearch database used in the of Cisco SD-WAN vManage software could... High Unreviewed

CVE-2023-20034 was published Sep 27, 2023

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key... High Unreviewed

CVE-2023-43637 was published Sep 21, 2023

Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One... High Unreviewed

CVE-2023-31808 was published Sep 19, 2023

An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password. High Unreviewed

CVE-2023-41595 was published Sep 18, 2023

An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain... High Unreviewed

CVE-2023-42328 was published Sep 18, 2023

A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may... High Unreviewed

CVE-2023-40717 was published Sep 13, 2023

The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of... High Unreviewed

CVE-2023-39421 was published Sep 7, 2023

The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user... High Unreviewed

CVE-2023-39420 was published Sep 7, 2023

Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions... High Unreviewed

CVE-2023-32619 was published Sep 6, 2023

Use of Hard-coded Credentials vulnerability in Schweitzer Engineering Laboratories SEL-5037 SEL... High Unreviewed

CVE-2023-31173 was published Aug 31, 2023

Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man... High Unreviewed

CVE-2023-23771 was published Aug 29, 2023

The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote... High Unreviewed

CVE-2023-4419 was published Aug 24, 2023

EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were... High Unreviewed

CVE-2023-37426 was published Aug 22, 2023

An issue was discovered in libac_des3.so on AudioCodes VoIP desk phones through 3.4.4.1000. Due... High Unreviewed

CVE-2023-22957 was published Aug 11, 2023

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. Due to the use of a... High Unreviewed

CVE-2023-22956 was published Aug 11, 2023

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... High Unreviewed

CVE-2023-37857 was published Aug 9, 2023

Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on... High Unreviewed

CVE-2023-21652 was published Aug 8, 2023

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow... High Unreviewed

CVE-2023-38433 was published Jul 26, 2023

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed

CVE-2023-34123 was published Jul 13, 2023

A support user exists on the device and appears to be a backdoor for Technical Support staff. The... High Unreviewed

CVE-2022-47209 was published Jul 6, 2023

AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded... High Unreviewed

CVE-2023-34473 was published Jul 5, 2023

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded... High Unreviewed

CVE-2023-36623 was published Jul 5, 2023

Enphase Installer Toolkit versions 3.27.0 has hard coded credentials embedded in binary code... High Unreviewed

CVE-2023-32274 was published Jun 20, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. Nokia Single RAN... High Unreviewed

CVE-2023-25187 was published Jun 16, 2023

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed

CVE-2023-2637 was published Jun 13, 2023

Previous 1 2 3 4 5 6 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

413 advisories