GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,041
Composer 5,081
Erlang 40
GitHub Actions 38
Go 2,752
Maven 6,172
npm 4,357
NuGet 765
pip 4,121
Pub 12
RubyGems 961
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,789

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,376 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An insecure sensitive key storage issue was found in MyASUS. potentially allowing unauthorized... Moderate Unreviewed

CVE-2025-4570 was published Jul 21, 2025

Use of Hard-coded Credentials in TP-Link Archer C50 V3( <= 180703)/V4( <= 250117 )/V5( ... Moderate Unreviewed

CVE-2025-6982 was published Jul 16, 2025

This vulnerability exists in Digisol DG-GR6821AC Router due to hard-coded Root Access Credentials... Moderate Unreviewed

CVE-2025-53754 was published Jul 16, 2025

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN... Moderate Unreviewed

CVE-2025-53842 was published Jul 16, 2025

Tenda CP3 Pro Firmware V22.5.4.93 contains a hardcoded root password hash in the /etc/passwd file... Moderate Unreviewed

CVE-2025-52363 was published Jul 14, 2025

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22.... High Unreviewed

CVE-2025-7564 was published Jul 14, 2025

A hardcoded secret in Ivanti DSM before 2024.2 allows an authenticated attacker on an adjacent... Critical Unreviewed

CVE-2024-38648 was published Jul 12, 2025

An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet... Critical Unreviewed

CVE-2025-7503 was published Jul 11, 2025

The Premium Age Verification / Restriction for WordPress plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2025-7401 was published Jul 11, 2025

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic... High Unreviewed

CVE-2025-5023 was published Jul 10, 2025

ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by a Use of Hard-coded... High Unreviewed

CVE-2025-49551 was published Jul 8, 2025

Hard-coded login credentials were found in HPE Networking Instant On Access Points, allowing... Critical Unreviewed

CVE-2025-37103 was published Jul 8, 2025

A vulnerability has been discovered in the firmware of Paxton Paxton10 before 4.6 SR6. The... High Unreviewed

CVE-2025-52492 was published Jul 7, 2025

A vulnerability, which was classified as problematic, has been found in mao888 bluebell-plus up... Moderate Unreviewed

CVE-2025-7079 was published Jul 6, 2025

ENENSYS IPGuard v2 2.10.0 was discovered to contain hardcoded credentials. Critical Unreviewed

CVE-2025-45813 was published Jul 2, 2025

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified... Critical Unreviewed

CVE-2025-20309 was published Jul 2, 2025

A hardcoded credential vulnerability exists in the Blue Angel Software Suite deployed on embedded... Critical Unreviewed

CVE-2025-34034 was published Jun 26, 2025

D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including... Critical Unreviewed

CVE-2025-45784 was published Jun 18, 2025

Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974... High Unreviewed

CVE-2025-34509 was published Jun 17, 2025

OpenC3 COSMOS v6.0.0 was discovered to contain hardcoded credentials for the Service Account. Critical Unreviewed

CVE-2025-28388 was published Jun 13, 2025

The ArchiverSpaApi ASP.NET application uses a hard-coded JWT signing key. An unauthenticated... High Unreviewed

CVE-2025-35940 was published Jun 10, 2025

WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass... Moderate Unreviewed

CVE-2025-5751 was published Jun 6, 2025

A predefined administrative account is not documented and cannot be deactivated. This account... Critical Unreviewed

CVE-2025-3321 was published Jun 6, 2025

Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an... Moderate Unreviewed

CVE-2025-4633 was published May 30, 2025

The CS5000 Fire Panel is vulnerable due to a hard-coded password that runs on a VNC server and... Critical Unreviewed

CVE-2025-46352 was published May 30, 2025

Previous 1…4…56 Next

Previous 1 2 3 4 5 6 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,376 advisories