GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,828
Composer 4,768
Erlang 35
GitHub Actions 29
Go 2,332
Maven 5,625
npm 3,965
NuGet 713
pip 3,748
Pub 12
RubyGems 921
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 258,973

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

122 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed

CVE-2023-35763 was published Jul 18, 2023

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed

CVE-2023-34123 was published Jul 13, 2023

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious... Critical Unreviewed

CVE-2023-2158 was published Jul 6, 2023

Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device... Critical Unreviewed

CVE-2022-2641 was published Jul 6, 2023

An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality... Critical Unreviewed

CVE-2023-22844 was published Jul 6, 2023

AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded... Critical Unreviewed

CVE-2023-34338 was published Jul 5, 2023

The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to... High Unreviewed

CVE-2023-3371 was published Jun 27, 2023

Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed

CVE-2023-2637 was published Jun 13, 2023

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific... Moderate Unreviewed

CVE-2023-21404 was published May 8, 2023

MGT-COMMERCE CloudPanel ships with a static SSL certificate to encrypt communications to the... High Unreviewed

CVE-2023-0391 was published Mar 21, 2023

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt... High Unreviewed

CVE-2023-0355 was published Mar 13, 2023

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed

CVE-2023-20038 was published Jan 20, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed

CVE-2022-34462 was published Jan 18, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34442 was published Jan 18, 2023

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017... High Unreviewed

CVE-2017-5242 was published Jan 13, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34441 was published Jan 11, 2023

Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed

CVE-2022-34440 was published Jan 11, 2023

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed

CVE-2022-2660 was published Dec 14, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... Critical Unreviewed

CVE-2022-29830 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29827 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29828 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29829 was published Nov 25, 2022

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco... High Unreviewed

CVE-2022-20868 was published Nov 4, 2022

Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Critical Unreviewed

CVE-2021-22644 was published Jul 29, 2022

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key... High Unreviewed

CVE-2021-38461 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

122 advisories