GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,905
Composer 5,452
Erlang 46
GitHub Actions 47
Go 3,340
Maven 6,338
npm 5,367
NuGet 881
pip 4,549
Pub 12
RubyGems 1,012
Rust 1,202
Swift 51

Unreviewed advisories

All unreviewed 295,466

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2... Moderate Unreviewed

CVE-2024-1920 was published Feb 27, 2024

IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.2 IBM WebSphere Application... Moderate Unreviewed

CVE-2025-14923 was published Mar 3, 2026

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control... Moderate Unreviewed

CVE-2025-52601 was published Dec 26, 2025

"FOD" App uses hard-coded cryptographic keys, which may allow a local unauthenticated attacker to... Moderate Unreviewed

CVE-2025-64304 was published Nov 25, 2025

The Download Manager plugin for WordPress is vulnerable to unauthorized access due to a hardcoded... Moderate Unreviewed

CVE-2025-12177 was published Nov 8, 2025

GE Multilink ML800, ML1200, ML1600, and ML2400 switches with firmware 4.2.1 and earlier and... Moderate Unreviewed

CVE-2014-5419 was published May 17, 2022

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4328 was published Aug 15, 2023

The certificate and private key used for providing transport layer security for connections to... Moderate Unreviewed

CVE-2025-48417 was published May 21, 2025

Hospira MedNet before 6.1 uses hardcoded cryptographic keys for protection of data transmission... Moderate Unreviewed

CVE-2014-5403 was published May 17, 2022

The Reolink desktop application uses a hard-coded and predictable AES encryption key to encrypt... Moderate Unreviewed

CVE-2025-56802 was published Oct 21, 2025

The Reolink Desktop Application 8.18.12 contains hardcoded credentials as the Initialization... Moderate Unreviewed

CVE-2025-56801 was published Oct 21, 2025

desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an... Moderate Unreviewed

CVE-2025-58426 was published Oct 16, 2025

Newforma Info Exchange (NIX) uses a hard-coded key to encrypt certain query parameters. Some... Moderate Unreviewed

CVE-2025-35052 was published Oct 9, 2025

A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed

CVE-2025-43483 was published Jul 23, 2025

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to... Moderate Unreviewed

CVE-2025-4876 was published May 19, 2025

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the... Moderate Unreviewed

CVE-2025-60250 was published Sep 26, 2025

The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click... Moderate Unreviewed

CVE-2025-58069 was published Sep 24, 2025

Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed

CVE-2023-39482 was published May 3, 2024

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic... Moderate Unreviewed

CVE-2025-2810 was published Aug 5, 2025

Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed

CVE-2025-52374 was published Jul 21, 2025

Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed

CVE-2025-52373 was published Jul 21, 2025

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the... Moderate Unreviewed

CVE-2025-6074 was published Jul 3, 2025

Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker... Moderate Unreviewed

CVE-2025-6071 was published Jul 3, 2025

Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of... Moderate Unreviewed

CVE-2025-49164 was published Jun 3, 2025

Use of hard-coded cryptographic key vulnerability in i-PRO Configuration Tool affects the network... Moderate Unreviewed

CVE-2025-32730 was published Apr 24, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

53 advisories