GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,762

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

33 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4... Critical Unreviewed

CVE-2025-57174 was published Sep 15, 2025

The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An... Critical Unreviewed

CVE-2025-41702 was published Aug 26, 2025

Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and... Critical Unreviewed

CVE-2025-55619 was published Aug 22, 2025

RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker... Critical Unreviewed

CVE-2025-44963 was published Aug 4, 2025

In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed

CVE-2025-45746 was published May 13, 2025

Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed

CVE-2025-30406 was published Apr 3, 2025

VyOS 1.3 through 1.5 or any Debian-based system using dropbear in combination with live-build has... Critical Unreviewed

CVE-2025-30095 was published Mar 31, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27674 was published Mar 5, 2025

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2... Critical Unreviewed

CVE-2023-37936 was published Jan 14, 2025

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to... Critical Unreviewed

CVE-2024-46612 was published Sep 25, 2024

Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed

CVE-2024-6890 was published Aug 8, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed

CVE-2024-30207 was published May 14, 2024

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This... Critical Unreviewed

CVE-2023-32169 was published May 3, 2024

SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which... Critical Unreviewed

CVE-2019-19753 was published Apr 30, 2024

nvOC through 3.2 ships with SSH host keys baked into the installation image, which allows man-in... Critical Unreviewed

CVE-2019-19752 was published Apr 30, 2024

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this... Critical Unreviewed

CVE-2024-2413 was published Mar 13, 2024

Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard... Critical Unreviewed

CVE-2023-48392 was published Dec 15, 2023

EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed

CVE-2023-42492 was published Oct 25, 2023

Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -... Critical Unreviewed

CVE-2023-3632 was published Aug 9, 2023

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An... Critical Unreviewed

CVE-2023-37291 was published Jul 21, 2023

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious... Critical Unreviewed

CVE-2023-2158 was published Jul 6, 2023

Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device... Critical Unreviewed

CVE-2022-2641 was published Jul 6, 2023

An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality... Critical Unreviewed

CVE-2023-22844 was published Jul 6, 2023

AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded... Critical Unreviewed

CVE-2023-34338 was published Jul 5, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34442 was published Jan 18, 2023

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

33 advisories