Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

485 advisories

Loading
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text... High Unreviewed
CVE-2025-64778 was published Dec 2, 2025
NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit of this vulnerability... High Unreviewed
CVE-2025-33186 was published Nov 11, 2025
A security issue was discovered in the Kubernetes Image Builder where default credentials are... High Unreviewed
CVE-2025-7342 was published Aug 18, 2025
Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user... High Unreviewed
CVE-2025-34501 was published Nov 4, 2025
The application uses several hard-coded credentials to encrypt config files during backup, to... High Unreviewed
CVE-2024-28146 was published Dec 12, 2024
An attacker with local access to the medical office computer can access restricted functions of... High Unreviewed
CVE-2024-50593 was published Nov 8, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-31151 was published Oct 30, 2024
A security flaw involving hard-coded credentials in LevelOne WBR-6012's web services allows... High Unreviewed
CVE-2024-28875 was published Oct 30, 2024
IBM Security Verify Access Appliance 10.0.0 through 10.0.7 contains hard-coded credentials which... High Unreviewed
CVE-2024-31873 was published Apr 10, 2024
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 contains a default password... High Unreviewed
CVE-2020-4429 was published May 24, 2022
The `/etc/passwd` and `/etc/shadow` files reveal hard-coded password hashes for the operating... High Unreviewed
CVE-2025-48413 was published May 21, 2025
The WorkExaminer Professional server installation comes with an FTP server that is used to... High Unreviewed
CVE-2025-10639 was published Oct 21, 2025
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services,... High Unreviewed
CVE-2014-2350 was published May 17, 2022
Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors... High Unreviewed
CVE-2025-41109 was published Oct 22, 2025
Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07 and earlier, which may... High Unreviewed
CVE-2025-62777 was published Oct 28, 2025
The wsc server uses a hard-coded certificate to check the authenticity of SOAP messages. An... High Unreviewed
CVE-2025-41722 was published Oct 22, 2025
Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote... High Unreviewed
CVE-2022-28810 was published Apr 19, 2022
A remote code execution vulnerability exists in Microsoft Exchange software when the software... High Unreviewed
CVE-2020-0688 was published May 24, 2022
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. High Unreviewed
CVE-2021-44207 was published Dec 22, 2021
IBM Security Verify Access 10.0.0 through 10.0.9, 11.0.0, IBM Verify Identity Access Container 10... High Unreviewed
CVE-2025-36087 was published Oct 13, 2025
In DOXENSE WATCHDOC before 6.1.0.5094, private user puk codes can be disclosed for Active... High Unreviewed
CVE-2025-58385 was published Sep 26, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.951,... High Unreviewed
CVE-2025-34197 was published Sep 19, 2025
Hardcoded credentials in Dietly v1.25.0 for android allows attackers to gain sensitive information. High Unreviewed
CVE-2025-56466 was published Sep 10, 2025
Hardcoded credentials in default configuration of PPress 0.0.9. High Unreviewed
CVE-2025-52159 was published Sep 19, 2025
Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Corporation photovoltaic... High Unreviewed
CVE-2025-5023 was published Jul 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database