Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
47
Go
3,340
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,549
Pub
12
RubyGems
1,012
Rust
1,202
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

60 advisories

Loading
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210,... High Unreviewed
CVE-2025-15605 was published Mar 23, 2026
An embedded test key and certificate could be extracted from a Poly Voice device using... High Unreviewed
CVE-2026-0754 was published Mar 3, 2026
Since the encryption algorithm used to protect firmware updates is itself encrypted using key... High Unreviewed
CVE-2026-1442 was published Feb 27, 2026
An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain... High Unreviewed
CVE-2025-29630 was published Jul 25, 2025
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a... High Unreviewed
CVE-2026-27519 was published Feb 24, 2026
Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials,... High Unreviewed
CVE-2026-2103 was published Feb 6, 2026
The use of a hard-coded encryption key in calls to the Password function in C2SGlobalSettings.dll... High Unreviewed
CVE-2025-58740 was published Jan 21, 2026
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded... High Unreviewed
CVE-2025-26476 was published Aug 4, 2025
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2025-38741 was published Aug 4, 2025
Use of hardcoded cryptographic keys in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The affected... High Unreviewed
CVE-2025-11781 was published Dec 2, 2025
Twonky Server 8.5.2 on Linux and Windows is vulnerable to a cryptographic flaw, use of hard-coded... High Unreviewed
CVE-2025-13316 was published Nov 19, 2025
A private key disclosure vulnerability exists in ZTE's ZXMP M721 product. A low-privileged user... High Unreviewed
CVE-2025-46582 was published Oct 27, 2025
Deck Mate 2's firmware update mechanism accepts packages without cryptographic signature... High Unreviewed
CVE-2025-34500 was published Oct 25, 2025
Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the... High Unreviewed
CVE-2024-58134 was published May 3, 2025
Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an... High Unreviewed
CVE-2025-24525 was published Oct 1, 2025
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported... High Unreviewed
CVE-2025-55112 was published Sep 16, 2025
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-56577 was published Aug 29, 2025
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution... High Unreviewed
CVE-2024-5722 was published Nov 22, 2024
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-22463 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed
CVE-2025-22455 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-5353 was published Jun 10, 2025
itech iLabClient 3.7.1 relies on the hard-coded YngAYdgAE/kKZYu2F2wm6w== key (found in iLabClient... High Unreviewed
CVE-2024-56429 was published May 21, 2025
Dell EMC SCG Policy Manager, versions from 5.10 to 5.12, contain(s) a Hard-coded Password... High Unreviewed
CVE-2022-34462 was published Jan 18, 2023
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9... High Unreviewed
CVE-2017-6054 was published May 13, 2022
Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017... High Unreviewed
CVE-2017-5242 was published Jan 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database