GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,875
Composer 5,065
Erlang 39
GitHub Actions 38
Go 2,698
Maven 6,138
npm 4,325
NuGet 761
pip 4,099
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,642

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

153 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected... High Unreviewed

CVE-2025-11781 was published Dec 2, 2025

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to... Moderate Unreviewed

CVE-2025-64304 was published Nov 25, 2025

Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded... High Unreviewed

CVE-2025-13316 was published Nov 19, 2025

Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to... Critical Unreviewed

CVE-2025-63289 was published Nov 12, 2025

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded... Moderate Unreviewed

CVE-2025-12177 was published Nov 8, 2025

Multiple Devices are Sharing the Same Secrets for SDKSocket (TCP/5000).This issue affects BLU-IC2... Critical Unreviewed

CVE-2025-12599 was published Nov 1, 2025

A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user... High Unreviewed

CVE-2025-46582 was published Oct 27, 2025

Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature... High Unreviewed

CVE-2025-34500 was published Oct 25, 2025

The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt... Moderate Unreviewed

CVE-2025-56802 was published Oct 21, 2025

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization... Moderate Unreviewed

CVE-2025-56801 was published Oct 21, 2025

Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability,... Critical Unreviewed

CVE-2025-11899 was published Oct 17, 2025

desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an... Moderate Unreviewed

CVE-2025-58426 was published Oct 16, 2025

Newforma Info Exchange (NIX) uses a hard-coded key to encrypt certain query parameters. Some... Moderate Unreviewed

CVE-2025-35052 was published Oct 9, 2025

The Flock Safety DetectionProcessing com.flocksafety.android.objects application 6.35.33 for... Critical Unreviewed

CVE-2025-59407 was published Oct 2, 2025

Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an... High Unreviewed

CVE-2025-24525 was published Oct 1, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments)... Critical Unreviewed

CVE-2025-34217 was published Sep 30, 2025

The Copypress Rest API plugin for WordPress is vulnerable to Remote Code Execution via... Critical Unreviewed

CVE-2025-8625 was published Sep 30, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Critical Unreviewed

CVE-2025-34234 was published Sep 29, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 22.0.1049 and... Critical Unreviewed

CVE-2025-34211 was published Sep 29, 2025

IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow... Low Unreviewed

CVE-2025-36326 was published Sep 26, 2025

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the... Moderate Unreviewed

CVE-2025-60250 was published Sep 26, 2025

The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click... Moderate Unreviewed

CVE-2025-58069 was published Sep 24, 2025

The secret used for validating authentication tokens is hardcoded in device firmware for... Critical Unreviewed

CVE-2025-54807 was published Sep 18, 2025

Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported... High Unreviewed

CVE-2025-55112 was published Sep 16, 2025

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4... Critical Unreviewed

CVE-2025-57174 was published Sep 15, 2025

Previous1…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

153 advisories