GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
22 advisories
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive ...
Critical · Unreviewed · CVE-2021-27389 was published May 24, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
Critical · Unreviewed · CVE-2022-29830 was published Nov 25, 2022

EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
Critical · Unreviewed · CVE-2023-42492 was published Oct 25, 2023

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version...
Critical · Unreviewed · CVE-2017-14021 was published May 13, 2022

agent-js: Insecure Key Generation in `Ed25519KeyIdentity.generate`
Critical · CVE-2024-1631 was published for @dfinity/auth-client (npm) Feb 21, 2024

@nfid/embed has compromised private key due to @dfinity/auth-client producing insecure session keys
Critical · GHSA-84c3-j8r2-mcm8 was published for @nfid/embed (npm) Feb 26, 2024

Intumit SmartRobot uses a fixed encryption key for authentication. Remote attackers can use this...
Critical · Unreviewed · CVE-2024-2413 was published Mar 13, 2024

Metasys® ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for...
Critical · Unreviewed · CVE-2019-7594 was published May 24, 2022

AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded...
Critical · Unreviewed · CVE-2023-34338 was published Jul 5, 2023

An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality...
Critical · Unreviewed · CVE-2023-22844 was published Jul 6, 2023

Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device...
Critical · Unreviewed · CVE-2022-2641 was published Jul 6, 2023

Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious...
Critical · Unreviewed · CVE-2023-2158 was published Jul 6, 2023

Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -...
Critical · Unreviewed · CVE-2023-3632 was published Aug 9, 2023

D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This...
Critical · Unreviewed · CVE-2023-32169 was published May 3, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All...
Critical · Unreviewed · CVE-2024-30207 was published May 14, 2024

minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product.
Critical · Unreviewed · CVE-2019-19750 was published May 24, 2022

SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which...
Critical · Unreviewed · CVE-2019-19753 was published Apr 30, 2024

Password reset tokens are generated using an insecure source of randomness. Attackers who know...
Critical · Unreviewed · CVE-2024-6890 was published Aug 8, 2024

IceCMS v3.4.7 and before was discovered to contain a hardcoded JWT key, allowing an attacker to...
Critical · Unreviewed · CVE-2024-46612 was published Sep 25, 2024

Dragonfly2 has hard coded cryptographic key
Critical · CVE-2023-27584 was published for d7y.io/dragonfly/v2 (Go) Sep 19, 2024

Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An...
Critical · Unreviewed · CVE-2023-37291 was published Jul 21, 2023

Kaifa Technology WebITR is an online attendance system, it has a vulnerability in using hard...
Critical · Unreviewed · CVE-2023-48392 was published Dec 15, 2023