Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Apache OpenMeetings Uses Hard-coded Cryptographic Key High
CVE-2026-33266 was published for org.apache.openmeetings:openmeetings-parent (Maven) Apr 9, 2026
Apache StreamPark has a hard-coded encryption key High
CVE-2025-54947 was published for org.apache.streampark:streampark (Maven) Dec 12, 2025
Apache Syncope's AES encryption stores hard-coded passwords in internal database High
CVE-2025-65998 was published for org.apache.syncope:syncope-core (Maven) Nov 24, 2025
Improper Access Control in Apache Shiro Critical
CVE-2016-4437 was published for org.apache.shiro:shiro-core (Maven) May 14, 2022
Use of Hard-coded Cryptographic Key in Apache Tomcat Moderate
CVE-2011-5064 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API