GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,934
Composer 4,780
Erlang 36
GitHub Actions 29
Go 2,344
Maven 5,665
npm 3,973
NuGet 719
pip 3,770
Pub 12
RubyGems 923
Rust 978
Swift 38

Unreviewed advisories

All unreviewed 260,067

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

45 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed

CVE-2025-5353 was published Jun 10, 2025

A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed

CVE-2025-22463 was published Jun 10, 2025

A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed

CVE-2025-22455 was published Jun 10, 2025

itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient... High Unreviewed

CVE-2024-56429 was published May 21, 2025

Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the... High Unreviewed

CVE-2024-58134 was published May 3, 2025

SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the... High Unreviewed

CVE-2025-30234 was published Mar 19, 2025

A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and... High Unreviewed

CVE-2024-54027 was published Mar 17, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-13773 was published Mar 14, 2025

A CWE-321 "Use of Hard-coded Cryptographic Key" in the JWT signing in Q-Free MaxTime less than or... High Unreviewed

CVE-2025-26340 was published Feb 12, 2025

The TP-Link Tapo C500 V1 and V2 are a pan-and-tilt outdoor Wi-Fi security cameras designed for... High Unreviewed

CVE-2025-1099 was published Feb 10, 2025

An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to... High Unreviewed

CVE-2024-52881 was published Feb 7, 2025

Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed

CVE-2024-5722 was published Nov 22, 2024

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could... High Unreviewed

CVE-2024-20350 was published Sep 25, 2024

Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. High Unreviewed

CVE-2024-42418 was published Aug 22, 2024

A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote... High Unreviewed

CVE-2024-20323 was published Jul 17, 2024

The devices which CyberPower PowerPanel manages use identical certificates based on a hard-coded... High Unreviewed

CVE-2024-31410 was published May 15, 2024

Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure... High Unreviewed

CVE-2023-39465 was published May 3, 2024

Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP... High Unreviewed

CVE-2024-33891 was published Apr 29, 2024

The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native... High Unreviewed

CVE-2024-30407 was published Apr 12, 2024

Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a... High Unreviewed

CVE-2022-48625 was published Feb 20, 2024

It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed

CVE-2023-49256 was published Jan 12, 2024

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate... High Unreviewed

CVE-2023-40464 was published Dec 5, 2023

Symmetric encryption used to protect messages between the AppsAnywhere server and client can be... High Unreviewed

CVE-2023-41137 was published Nov 9, 2023

Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key... High Unreviewed

CVE-2023-43637 was published Sep 21, 2023

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed

CVE-2023-34123 was published Jul 13, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

45 advisories