Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,364 advisories

Loading
In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with... Critical Unreviewed
CVE-2025-4041 was published May 6, 2025
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The... High Unreviewed
CVE-2025-32888 was published May 2, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The... High Unreviewed
CVE-2025-32889 was published May 2, 2025
CWE-798: Use of Hard-coded Credentials Moderate Unreviewed
CVE-2025-23179 was published Apr 29, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 uses a hardcoded password in... Moderate Unreviewed
CVE-2024-13688 was published Apr 28, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR... Critical Unreviewed
CVE-2025-32985 was published Apr 25, 2025
Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and... High Unreviewed
CVE-2025-46617 was published Apr 25, 2025
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain... Critical Unreviewed
CVE-2025-46273 was published Apr 25, 2025
UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read,... Critical Unreviewed
CVE-2025-46274 was published Apr 25, 2025
CarlinKit CPC200-CCPA Wireless Hotspot Hard-Coded Credentials Authentication Bypass Vulnerability... High Unreviewed
CVE-2025-2765 was published Apr 23, 2025
Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access... Critical Unreviewed
CVE-2025-28230 was published Apr 21, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected... Critical Unreviewed
CVE-2024-41794 was published Apr 8, 2025
We observed that Intellispace Portal binaries doesn’t have any protection mechanisms to prevent... High Unreviewed
CVE-2025-3426 was published Apr 7, 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed
CVE-2025-30406 was published Apr 3, 2025
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to... High Unreviewed
CVE-2025-30118 was published Mar 25, 2025
A specific type of ArcGIS Enterprise deployment, is vulnerable to a Password Recovery... Critical Unreviewed
CVE-2025-2538 was published Mar 20, 2025
An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded credentials exist in in APK for... Critical Unreviewed
CVE-2025-30137 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. It has a uniform default credential set that... Critical Unreviewed
CVE-2025-30122 was published Mar 18, 2025
An issue was discovered on ROADCAM X3 devices. The mobile app APK (Viidure) contains hardcoded... Critical Unreviewed
CVE-2025-30123 was published Mar 18, 2025
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Hardcoded Credentials... Critical Unreviewed
CVE-2025-30113 was published Mar 18, 2025
In the IROAD APK 5.2.5, there are Hardcoded Credentials in the APK for ports 9091 and 9092. The... Moderate Unreviewed
CVE-2025-30109 was published Mar 18, 2025
A use of hard-coded password vulnerability in FortiWLC version 8.5.2 and below, version 8.4.8 and... Moderate Unreviewed
CVE-2021-22126 was published Mar 17, 2025
A use of hard-coded cryptographic key vulnerability in FortiSIEM version 5.2.6 may allow a remote... Low Unreviewed
CVE-2019-17659 was published Mar 17, 2025
Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are... High Unreviewed
CVE-2025-1724 was published Mar 17, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database