GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,934
Composer 4,780
Erlang 36
GitHub Actions 29
Go 2,344
Maven 5,665
npm 3,973
NuGet 719
pip 3,770
Pub 12
RubyGems 923
Rust 978
Swift 38

Unreviewed advisories

All unreviewed 260,067

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of... Moderate Unreviewed

CVE-2025-49164 was published Jun 3, 2025

The certificate and private key used for providing transport layer security for connections to... Moderate Unreviewed

CVE-2025-48417 was published May 21, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed

CVE-2025-32730 was published Apr 24, 2025

A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in... Moderate Unreviewed

CVE-2024-33504 was published Feb 11, 2025

A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before... Moderate Unreviewed

CVE-2024-13842 was published Feb 11, 2025

SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the... Moderate Unreviewed

CVE-2024-28989 was published Feb 11, 2025

Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin... Moderate Unreviewed

CVE-2024-47256 was published Feb 6, 2025

ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT... Moderate Unreviewed

CVE-2024-12078 was published Jan 23, 2025

Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System... Moderate Unreviewed

CVE-2024-45837 was published Nov 22, 2024

Use of hard-coded cryptographic key issue exists in "Kura Sushi Official App Produced by EPARK"... Moderate Unreviewed

CVE-2024-52614 was published Nov 20, 2024

The DVC from TRCore encrypts files using a hardcoded key. Attackers can use this key to decrypt... Moderate Unreviewed

CVE-2024-11308 was published Nov 18, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Moderate Unreviewed

CVE-2024-46889 was published Nov 12, 2024

IBM Maximo Application Suite - Monitor Component 8.10, 8.11, and 9.0 could disclose information... Moderate Unreviewed

CVE-2024-38314 was published Oct 24, 2024

A vulnerability in the backup feature of Cisco UCS Central Software could allow an attacker with... Moderate Unreviewed

CVE-2024-20280 was published Oct 16, 2024

A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with... Moderate Unreviewed

CVE-2024-3109 was published May 3, 2024

Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed

CVE-2023-39482 was published May 3, 2024

HiveOS through 0.6-102@191212 ships with SSH host keys baked into the installation image, which... Moderate Unreviewed

CVE-2019-19754 was published Apr 30, 2024

Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions... Moderate Unreviewed

CVE-2023-38535 was published Mar 14, 2024

A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2... Moderate Unreviewed

CVE-2024-1920 was published Feb 27, 2024

Use of encryption key derived from static information in Synaptics Fingerprint Driver allows an... Moderate Unreviewed

CVE-2023-6482 was published Jan 27, 2024

A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Moderate Unreviewed

CVE-2023-44318 was published Nov 14, 2023

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may... Moderate Unreviewed

CVE-2023-39982 was published Sep 2, 2023

The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private... Moderate Unreviewed

CVE-2023-3404 was published Aug 31, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4328 was published Aug 15, 2023

The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed

CVE-2023-3947 was published Jul 26, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

34 advisories