Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

127 advisories

Loading
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43483 was published Jul 23, 2025
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52374 was published Jul 21, 2025
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52373 was published Jul 21, 2025
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the... Moderate Unreviewed
CVE-2025-6074 was published Jul 3, 2025
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker... Moderate Unreviewed
CVE-2025-6071 was published Jul 3, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-5353 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed
CVE-2025-22455 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-22463 was published Jun 10, 2025
Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of... Moderate Unreviewed
CVE-2025-49164 was published Jun 3, 2025
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient... High Unreviewed
CVE-2024-56429 was published May 21, 2025
The certificate and private key used for providing transport layer security for connections to... Moderate Unreviewed
CVE-2025-48417 was published May 21, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed
CVE-2025-45746 was published May 13, 2025
Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the... High Unreviewed
CVE-2024-58134 was published May 3, 2025
Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed
CVE-2025-32730 was published Apr 24, 2025
Dpanel's hard-coded JWT secret leads to remote code execution Critical
CVE-2025-30206 was published for github.com/donknap/dpanel (Go) Apr 15, 2025
NS-Sp4ce
Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside... Low Unreviewed
CVE-2025-31362 was published Apr 11, 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization... Critical Unreviewed
CVE-2025-30406 was published Apr 3, 2025
VyOS 1.3 through 1.5 or any Debian-based system using dropbear in combination with live-build has... Critical Unreviewed
CVE-2025-30095 was published Mar 31, 2025
SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the... High Unreviewed
CVE-2025-30234 was published Mar 19, 2025
A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and... High Unreviewed
CVE-2024-54027 was published Mar 17, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-13773 was published Mar 14, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27674 was published Mar 5, 2025
A CWE-321 "Use of Hard-coded Cryptographic Key" in the JWT signing in Q-Free MaxTime less than or... High Unreviewed
CVE-2025-26340 was published Feb 12, 2025
A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before... Moderate Unreviewed
CVE-2024-13842 was published Feb 11, 2025
A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in... Moderate Unreviewed
CVE-2024-33504 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database