GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,297
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
228 advisories
Filter by severity
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local...
High
Unreviewed
CVE-2025-22463
was published
Jun 10, 2025
Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of...
Moderate
Unreviewed
CVE-2025-49164
was published
Jun 3, 2025
The certificate and private key used for providing transport layer security for connections to...
Moderate
Unreviewed
CVE-2025-48417
was published
May 21, 2025
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient...
High
Unreviewed
CVE-2024-56429
was published
May 21, 2025
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to...
Moderate
Unreviewed
CVE-2025-4876
was published
May 19, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the...
Critical
Unreviewed
CVE-2025-45746
was published
May 13, 2025
Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the...
High
Unreviewed
CVE-2024-58134
was published
May 3, 2025
Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network...
Moderate
Unreviewed
CVE-2025-32730
was published
Apr 24, 2025
Dpanel's hard-coded JWT secret leads to remote code execution
Critical
CVE-2025-30206
was published
for
github.com/donknap/dpanel
(Go)
Apr 15, 2025
Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside...
Low
Unreviewed
CVE-2025-31362
was published
Apr 11, 2025
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization...
Critical
Unreviewed
CVE-2025-30406
was published
Apr 3, 2025
VyOS 1.3 through 1.5 or any Debian-based system using dropbear in combination with live-build has...
Critical
Unreviewed
CVE-2025-30095
was published
Mar 31, 2025
SmartOS, as used in Triton Data Center and other products, has static host SSH keys in the...
High
Unreviewed
CVE-2025-30234
was published
Mar 19, 2025
A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox version 4.4.6 and...
High
Unreviewed
CVE-2024-54027
was published
Mar 17, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-13773
was published
Mar 14, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical
Unreviewed
CVE-2025-27674
was published
Mar 5, 2025
A CWE-321 "Use of Hard-coded Cryptographic Key" in the JWT signing in Q-Free MaxTime less than or...
High
Unreviewed
CVE-2025-26340
was published
Feb 12, 2025
A hardcoded key in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before...
Moderate
Unreviewed
CVE-2024-13842
was published
Feb 11, 2025
A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in...
Moderate
Unreviewed
CVE-2024-33504
was published
Feb 11, 2025
SolarWinds Web Help Desk was found to have a hardcoded cryptographic key that could allow the...
Moderate
Unreviewed
CVE-2024-28989
was published
Feb 11, 2025
The TP-Link Tapo C500 V1 and V2 are a pan-and-tilt outdoor Wi-Fi security cameras designed for...
High
Unreviewed
CVE-2025-1099
was published
Feb 10, 2025
An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to...
High
Unreviewed
CVE-2024-52881
was published
Feb 7, 2025
Successful exploitation of this vulnerability could allow an attacker (who needs to have Admin...
Moderate
Unreviewed
CVE-2024-47256
was published
Feb 6, 2025
ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT...
Moderate
Unreviewed
CVE-2024-12078
was published
Jan 23, 2025
A use of hard-coded cryptographic key in Fortinet FortiClientWindows version 7.4.0, 7.2.x all...
Low
Unreviewed
CVE-2024-50564
was published
Jan 14, 2025
ProTip!
Advisories are also available from the
GraphQL API