Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,494
Maven
5,000+
npm
4,131
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

48 advisories

Loading
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-56577 was published Aug 29, 2025
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2025-38741 was published Aug 4, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded... High Unreviewed
CVE-2025-26476 was published Aug 4, 2025
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed
CVE-2024-5722 was published Nov 22, 2024
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed
CVE-2025-22455 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-5353 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-22463 was published Jun 10, 2025
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient... High Unreviewed
CVE-2024-56429 was published May 21, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the... High Unreviewed
CVE-2024-58134 was published May 3, 2025
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9... High Unreviewed
CVE-2017-6054 was published May 13, 2022
Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017... High Unreviewed
CVE-2017-5242 was published Jan 13, 2023
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the... High Unreviewed
CVE-2025-30234 was published Mar 19, 2025
A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and... High Unreviewed
CVE-2024-54027 was published Mar 17, 2025
MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed
CVE-2023-0391 was published Mar 21, 2023
Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP... High Unreviewed
CVE-2024-33891 was published Apr 29, 2024
A CWE-321 "Use of Hard-coded Cryptographic Key" in the JWT signing in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26340 was published Feb 12, 2025
An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to... High Unreviewed
CVE-2024-52881 was published Feb 7, 2025
The TP-Link Tapo C500 V1 and V2 are a pan-and-tilt outdoor Wi-Fi security cameras designed for... High Unreviewed
CVE-2025-1099 was published Feb 10, 2025
It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed
CVE-2023-49256 was published Jan 12, 2024
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could... High Unreviewed
CVE-2024-20350 was published Sep 25, 2024
Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a... High Unreviewed
CVE-2022-48625 was published Feb 20, 2024
Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. High Unreviewed
CVE-2024-42418 was published Aug 22, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote... High Unreviewed
CVE-2024-20323 was published Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database