Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

164 advisories

Loading
A Use of Hard-Coded Cryptographic Key issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9649 was published May 13, 2022
Dragonfly2 has hard coded cyptographic key Critical
CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024
cokeBeer gaius-qi
Credited to cokeBeer and gaius-qi
Dpanel's hard-coded JWT secret leads to remote code execution Critical
CVE-2025-30206 was published for github.com/donknap/dpanel (Go) Apr 15, 2025
NS-Sp4ce
Credited to NS-Sp4ce
Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed
CVE-2025-32730 was published Apr 24, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34442 was published Jan 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34440 was published Jan 11, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a contain a Hard-coded... Critical Unreviewed
CVE-2022-34441 was published Jan 11, 2023
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient... High Unreviewed
CVE-2024-56429 was published May 21, 2025
In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft JWT token using the... Critical Unreviewed
CVE-2025-45746 was published May 13, 2025
Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of... Moderate Unreviewed
CVE-2025-49164 was published Jun 3, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed
CVE-2025-22455 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-22463 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-5353 was published Jun 10, 2025
NetBird uses a static initialization vector (IV) High
CVE-2024-41260 was published for github.com/netbirdio/netbird (Go) Aug 1, 2024
mlsmaycon
Credited to mlsmaycon
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker... Moderate Unreviewed
CVE-2025-6071 was published Jul 3, 2025
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the... Moderate Unreviewed
CVE-2025-6074 was published Jul 3, 2025
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed
CVE-2024-5722 was published Nov 22, 2024
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52373 was published Jul 21, 2025
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52374 was published Jul 21, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded... High Unreviewed
CVE-2025-26476 was published Aug 4, 2025
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2025-38741 was published Aug 4, 2025
A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic... Moderate Unreviewed
CVE-2025-2810 was published Aug 5, 2025
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed
CVE-2023-39482 was published May 3, 2024
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An... Critical Unreviewed
CVE-2025-41702 was published Aug 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database