Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,752
Maven
5,000+
npm
4,357
NuGet
765
pip
4,121
Pub
12
RubyGems
961
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

502 advisories

Loading
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for... High Unreviewed
CVE-2025-14611 was published Dec 12, 2025
Selea Targa IP OCR-ANPR Camera contains a cross-site request forgery vulnerability that allows... High Unreviewed
CVE-2021-47730 was published Dec 9, 2025
Authentication Bypass via Hardcoded Credentials GoAway up to v0.62.18, fixed in 0.62.19, uses a... High Unreviewed
CVE-2025-65730 was published Dec 5, 2025
DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could... High Unreviewed
CVE-2025-66237 was published Dec 4, 2025
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text... High Unreviewed
CVE-2025-64778 was published Dec 2, 2025
NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability... High Unreviewed
CVE-2025-33186 was published Nov 11, 2025
Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user... High Unreviewed
CVE-2025-34501 was published Nov 4, 2025
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may... High Unreviewed
CVE-2025-62777 was published Oct 28, 2025
Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors... High Unreviewed
CVE-2025-41109 was published Oct 22, 2025
The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An... High Unreviewed
CVE-2025-41722 was published Oct 22, 2025
The WorkExaminer Professional server installation comes with an FTP server that is used to... High Unreviewed
CVE-2025-10639 was published Oct 21, 2025
IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10... High Unreviewed
CVE-2025-36087 was published Oct 13, 2025
In DOXENSE WATCHDOC before 6.1.0.5094, private user puk codes can be disclosed for Active... High Unreviewed
CVE-2025-58385 was published Sep 26, 2025
Hardcoded credentials in default configuration of PPress 0.0.9. High Unreviewed
CVE-2025-52159 was published Sep 19, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951,... High Unreviewed
CVE-2025-34197 was published Sep 19, 2025
Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue affects FLXEON: through 9.3... High Unreviewed
CVE-2024-48842 was published Sep 17, 2025
An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2025-57578 was published Sep 12, 2025
An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the... High Unreviewed
CVE-2025-57577 was published Sep 12, 2025
An issue in TOTOLINK Wi-Fi 6 Router Series Device X2000R-Gh-V2.0.0 allows a remote attacker to... High Unreviewed
CVE-2025-57579 was published Sep 12, 2025
Hardcoded credentials in Dietly v1.25.0 for android allows attackers to gain sensitive information. High Unreviewed
CVE-2025-56466 was published Sep 10, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
hippo4j Includes Hard Coded Secret Key in JWT Creation High
CVE-2025-51606 was published for cn.hippo4j:hippo4j-core (Maven) Aug 21, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04... High Unreviewed
CVE-2025-8231 was published Jul 27, 2025
Unitree Go1 <= Go1_2022_05_11 is vulnerale to Incorrect Access Control due to authentication... High Unreviewed
CVE-2025-45466 was published Jul 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database