Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,239
Maven
5,000+
npm
3,900
NuGet
701
pip
3,667
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,239 advisories

Loading
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed
CVE-2024-41794 was published Apr 8, 2025
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent... High Unreviewed
CVE-2025-3426 was published Apr 7, 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed
CVE-2025-30406 was published Apr 3, 2025
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to... High Unreviewed
CVE-2025-30118 was published Mar 25, 2025
A specific type of ArcGIS Enterprise deployment, is vulnerable to a Password Recovery... Critical Unreviewed
CVE-2025-2538 was published Mar 20, 2025
An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for... Critical Unreviewed
CVE-2025-30137 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that... Critical Unreviewed
CVE-2025-30122 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded... Critical Unreviewed
CVE-2025-30123 was published Mar 18, 2025
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed
CVE-2025-30109 was published Mar 18, 2025
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials... Critical Unreviewed
CVE-2025-30113 was published Mar 18, 2025
A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote... Low Unreviewed
CVE-2019-17659 was published Mar 17, 2025
Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are... High Unreviewed
CVE-2025-1724 was published Mar 17, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege... High Unreviewed
CVE-2025-27255 was published Mar 10, 2025
An unauthenticated remote attacker can use hard-coded credentials to gain full administration... Critical Unreviewed
CVE-2025-1393 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27643 was published Mar 5, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic.... Low Unreviewed
CVE-2025-1879 was published Mar 3, 2025
Use of Hard-coded Credentials, Storage of Sensitive Data in a Mechanism without Access Control... High Unreviewed
CVE-2024-9334 was published Feb 27, 2025
TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded... Critical Unreviewed
CVE-2024-57040 was published Feb 27, 2025
SunGrow iSolarCloud Android application V2.1.6.20241017 and prior contains hardcoded credentials.... Critical Unreviewed
CVE-2024-50688 was published Feb 26, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 client application... High Unreviewed
CVE-2024-52902 was published Feb 19, 2025
Use of Hard-coded Credentials vulnerability in GoodWe Technologies Co., Ltd. GW1500‑XS allows... High Unreviewed
CVE-2024-8893 was published Feb 14, 2025
IXON B.V. IXrouter IX2400 (Industrial Edge Gateway) v3.0 was discovered to contain hardcoded root... Moderate Unreviewed
CVE-2024-57790 was published Feb 14, 2025
The firmware of all Wattsense Bridge devices contain the same hard-coded user and root... Critical Unreviewed
CVE-2025-26410 was published Feb 11, 2025
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed
CVE-2024-28989 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database