GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
29 advisories
Filter by severity
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the...
High
Unreviewed
CVE-2019-10920
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),...
High
Unreviewed
CVE-2020-25234
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25229
was published
May 24, 2022
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),...
High
Unreviewed
CVE-2021-27392
was published
May 24, 2022
The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key...
High
Unreviewed
CVE-2021-38461
was published
May 24, 2022
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded...
High
Unreviewed
CVE-2021-43587
was published
Dec 22, 2021
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0"...
High
Unreviewed
CVE-2018-10896
was published
May 13, 2022
Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt...
High
Unreviewed
CVE-2023-0355
was published
Mar 13, 2023
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29827
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29829
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29828
was published
Nov 25, 2022
Symmetric encryption used to protect messages between the AppsAnywhere server and client can be...
High
Unreviewed
CVE-2023-41137
was published
Nov 9, 2023
Several versions of
ALEOS, including ALEOS 4.16.0, use a hardcoded
SSL certificate...
High
Unreviewed
CVE-2023-40464
was published
Dec 5, 2023
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco...
High
Unreviewed
CVE-2022-20868
was published
Nov 4, 2022
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an...
High
Unreviewed
CVE-2023-20038
was published
Jan 20, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High
Unreviewed
CVE-2023-2637
was published
Jun 13, 2023
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to...
High
Unreviewed
CVE-2023-3371
was published
Jun 27, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key...
High
Unreviewed
CVE-2023-43637
was published
Sep 21, 2023
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a...
High
Unreviewed
CVE-2022-2660
was published
Dec 14, 2022
The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native...
High
Unreviewed
CVE-2024-30407
was published
Apr 12, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure...
High
Unreviewed
CVE-2023-39465
was published
May 3, 2024
The devices which CyberPower PowerPanel manages use identical certificates based on a
hard-coded...
High
Unreviewed
CVE-2024-31410
was published
May 15, 2024
Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP...
High
Unreviewed
CVE-2024-33891
was published
Apr 29, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote...
High
Unreviewed
CVE-2024-20323
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API