Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

73 advisories

Loading
The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native... High Unreviewed
CVE-2024-30407 was published Apr 12, 2024
A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2... Moderate Unreviewed
CVE-2024-1920 was published Feb 27, 2024
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic.... Low Unreviewed
CVE-2024-1258 was published Feb 6, 2024
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This... Critical Unreviewed
CVE-2023-32169 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure... High Unreviewed
CVE-2023-39465 was published May 3, 2024
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed
CVE-2023-39482 was published May 3, 2024
A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with... Moderate Unreviewed
CVE-2024-3109 was published May 3, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30207 was published May 14, 2024
The devices which CyberPower PowerPanel manages use identical certificates based on a hard-coded... High Unreviewed
CVE-2024-31410 was published May 15, 2024
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... Moderate Unreviewed
CVE-2023-44318 was published Nov 14, 2023
minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product. Critical Unreviewed
CVE-2019-19750 was published May 24, 2022
Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP... High Unreviewed
CVE-2024-33891 was published Apr 29, 2024
HiveOS through 0.6-102@191212 ships with SSH host keys baked into the installation image, which... Unknown Unreviewed
CVE-2019-19754 was published Apr 30, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote... High Unreviewed
CVE-2024-20323 was published Jul 17, 2024
SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which... Critical Unreviewed
CVE-2019-19753 was published Apr 30, 2024
Password reset tokens are generated using an insecure source of randomness. Attackers who know... Critical Unreviewed
CVE-2024-6890 was published Aug 8, 2024
NetBird uses a static initialization vector (IV) High
CVE-2024-41260 was published for github.com/netbirdio/netbird (Go) Aug 1, 2024
Avtec Outpost uses a default cryptographic key that can be used to decrypt sensitive information. High Unreviewed
CVE-2024-42418 was published Aug 22, 2024
Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a... High Unreviewed
CVE-2022-48625 was published Feb 20, 2024
IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to... Critical Unreviewed
CVE-2024-46612 was published Sep 25, 2024
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4328 was published Aug 15, 2023
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could... High Unreviewed
CVE-2024-20350 was published Sep 25, 2024
Dragonfly2 has hard coded cyptographic key Critical
CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024
cokeBeer
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database