Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

88 advisories

Loading
SimpleMiningOS through v1259 ships with SSH host keys baked into the installation image, which... Critical Unreviewed
CVE-2019-19753 was published Apr 30, 2024
A vulnerability in Cisco Intelligent Node (iNode) Software could allow an unauthenticated, remote... High Unreviewed
CVE-2024-20323 was published Jul 17, 2024
Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP... High Unreviewed
CVE-2024-33891 was published Apr 29, 2024
minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product. Critical Unreviewed
CVE-2019-19750 was published May 24, 2022
The devices which CyberPower PowerPanel manages use identical certificates based on a hard-coded... High Unreviewed
CVE-2024-31410 was published May 15, 2024
A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Critical Unreviewed
CVE-2024-30207 was published May 14, 2024
A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with... Moderate Unreviewed
CVE-2024-3109 was published May 3, 2024
Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure... Moderate Unreviewed
CVE-2023-39482 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure... High Unreviewed
CVE-2023-39465 was published May 3, 2024
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This... Critical Unreviewed
CVE-2023-32169 was published May 3, 2024
A vulnerability was found in Juanpao JPShop up to 1.5.02. It has been declared as problematic.... Low Unreviewed
CVE-2024-1258 was published Feb 6, 2024
A vulnerability, which was classified as critical, has been found in osuuu LightPicture up to 1.2... Moderate Unreviewed
CVE-2024-1920 was published Feb 27, 2024
The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native... High Unreviewed
CVE-2024-30407 was published Apr 12, 2024
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed
CVE-2022-2660 was published Dec 14, 2022
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key... High Unreviewed
CVE-2023-43637 was published Sep 21, 2023
The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private... Moderate Unreviewed
CVE-2023-3404 was published Aug 31, 2023
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -... Critical Unreviewed
CVE-2023-3632 was published Aug 9, 2023
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2023-3947 was published Jul 26, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed
CVE-2023-35763 was published Jul 18, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed
CVE-2023-34123 was published Jul 13, 2023
Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious... Critical Unreviewed
CVE-2023-2158 was published Jul 6, 2023
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device... Critical Unreviewed
CVE-2022-2641 was published Jul 6, 2023
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality... Critical Unreviewed
CVE-2023-22844 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded... Critical Unreviewed
CVE-2023-34338 was published Jul 5, 2023
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to... High Unreviewed
CVE-2023-3371 was published Jun 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database