Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

68 advisories

Loading
Improper Access Control in Apache Shiro Critical
CVE-2016-4437 was published for org.apache.shiro:shiro-core (Maven) May 14, 2022
Ovarro TBox TWinSoft uses the custom hardcoded user “TWinSoft” with a hardcoded key. Critical Unreviewed
CVE-2021-22644 was published Jul 29, 2022
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed
CVE-2023-42492 was published Oct 25, 2023
agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate` Critical
CVE-2024-1631 was published for @dfinity/auth-client (npm) Feb 21, 2024
peterpeterparker Credited to peterpeterparker and krpeacock krpeacock krpeacock
@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys Critical
GHSA-84c3-j8r2-mcm8 was published for @nfid/embed (npm) Feb 26, 2024
ProTip! Advisories are also available from the GraphQL API