Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137 advisories

Loading
Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside... Low Unreviewed
CVE-2025-31362 was published Apr 11, 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed
CVE-2025-30406 was published Apr 3, 2025
VyOS 1.3 through 1.5 or any Debian-based system using dropbear in combination with live-build has... Critical Unreviewed
CVE-2025-30095 was published Mar 31, 2025
SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the... High Unreviewed
CVE-2025-30234 was published Mar 19, 2025
A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and... High Unreviewed
CVE-2024-54027 was published Mar 17, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27674 was published Mar 5, 2025
A CWE-321 "Use of Hard-coded Cryptographic Key" in the JWT signing in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26340 was published Feb 12, 2025
A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before... Moderate Unreviewed
CVE-2024-13842 was published Feb 11, 2025
A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in... Moderate Unreviewed
CVE-2024-33504 was published Feb 11, 2025
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed
CVE-2024-28989 was published Feb 11, 2025
The TP-Link Tapo C500 V1 and V2 are a pan-and-tilt outdoor Wi-Fi security cameras designed for... High Unreviewed
CVE-2025-1099 was published Feb 10, 2025
An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to... High Unreviewed
CVE-2024-52881 was published Feb 7, 2025
Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin... Moderate Unreviewed
CVE-2024-47256 was published Feb 6, 2025
ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT... Moderate Unreviewed
CVE-2024-12078 was published Jan 23, 2025
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all... Low Unreviewed
CVE-2024-50564 was published Jan 14, 2025
A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed
CVE-2023-37936 was published Jan 14, 2025
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed
CVE-2024-5722 was published Nov 22, 2024
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System... Moderate Unreviewed
CVE-2024-45837 was published Nov 22, 2024
Use of hard-coded cryptographic key issue exists in "Kura Sushi Official App Produced by EPARK"... Moderate Unreviewed
CVE-2024-52614 was published Nov 20, 2024
The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt... Moderate Unreviewed
CVE-2024-11308 was published Nov 18, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed
CVE-2024-46889 was published Nov 12, 2024
IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information... Moderate Unreviewed
CVE-2024-38314 was published Oct 24, 2024
A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with... Moderate Unreviewed
CVE-2024-20280 was published Oct 16, 2024
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could... High Unreviewed
CVE-2024-20350 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database