GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,789

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,376 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials... Critical Unreviewed

CVE-2025-35452 was published Sep 5, 2025

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a... Low Unreviewed

CVE-2025-30198 was published Sep 5, 2025

Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed

CVE-2025-8857 was published Aug 29, 2025

hippo4j Includes Hard Coded Secret Key in JWT Creation High

CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025

A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3... Moderate Unreviewed

CVE-2025-9310 was published Aug 21, 2025

IBM Concert Software 1.0.0 through 1.1.0 contains hard-coded credentials, such as a password or... Moderate Unreviewed

CVE-2025-33100 was published Aug 18, 2025

A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed

CVE-2025-7342 was published Aug 18, 2025

Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by... Critical Unreviewed

CVE-2025-43982 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded MQTT credentials and endpoints stored... Moderate Unreviewed

CVE-2025-54465 was published Aug 13, 2025

This vulnerability exists in ZKTeco WL20 due to hard-coded private key stored in plaintext within... Moderate Unreviewed

CVE-2025-55279 was published Aug 13, 2025

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If... Moderate Unreviewed

CVE-2025-26398 was published Aug 12, 2025

Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed

CVE-2025-7768 was published Aug 6, 2025

A vulnerability, which was classified as problematic, has been found in elunez eladmin up to 2.7.... Moderate Unreviewed

CVE-2025-8530 was published Aug 5, 2025

Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered to contain a hardcoded... Critical Unreviewed

CVE-2025-51536 was published Aug 4, 2025

A vulnerability was discovered in the storage policy for certain sets of authentication keys in... Moderate Unreviewed

CVE-2025-37111 was published Jul 31, 2025

A vulnerability was discovered in the storage policy for certain sets of encryption keys in the... Moderate Unreviewed

CVE-2025-37112 was published Jul 31, 2025

An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed

CVE-2025-30125 was published Jul 28, 2025

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed

CVE-2025-8231 was published Jul 27, 2025

Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed

CVE-2025-45466 was published Jul 25, 2025

HCL iAutomate includes hardcoded credentials which may result in potential exposure of... High Unreviewed

CVE-2025-31953 was published Jul 24, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54455 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in Samsung Electronics MagicINFO 9 Server allows... Critical Unreviewed

CVE-2025-54454 was published Jul 23, 2025

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants... High Unreviewed

CVE-2025-4130 was published Jul 21, 2025

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... High Unreviewed

CVE-2025-4569 was published Jul 21, 2025

Use of hard-coded, the same among all vulnerable installations SQLite credentials vulnerability... High Unreviewed

CVE-2025-4049 was published Jul 21, 2025

Previous 1…3…56 Next

Previous 1 2 3 4 5 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,376 advisories