Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

71 advisories

Loading
Symmetric encryption used to protect messages between the AppsAnywhere server and client can be... High Unreviewed
CVE-2023-41137 was published Nov 9, 2023
xkeys seal encryption used fixed key for all encryption High
CVE-2023-46129 was published for github.com/nats-io/nats-server/v2 (Go) Oct 31, 2023
tinou98
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key Critical Unreviewed
CVE-2023-42492 was published Oct 25, 2023
Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key... High Unreviewed
CVE-2023-43637 was published Sep 21, 2023
The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private... Moderate Unreviewed
CVE-2023-3404 was published Aug 31, 2023
Netmaker has Hardcoded DNS Secret Key High
CVE-2023-32077 was published for github.com/gravitl/netmaker (Go) Aug 25, 2023
rootxharsh iamnoooob
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4328 was published Aug 15, 2023
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -... Critical Unreviewed
CVE-2023-3632 was published Aug 9, 2023
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2023-3947 was published Jul 26, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that... Moderate Unreviewed
CVE-2023-35763 was published Jul 18, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This... High Unreviewed
CVE-2023-34123 was published Jul 13, 2023
Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious... Critical Unreviewed
CVE-2023-2158 was published Jul 6, 2023
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device... Critical Unreviewed
CVE-2022-2641 was published Jul 6, 2023
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality... Critical Unreviewed
CVE-2023-22844 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded... Critical Unreviewed
CVE-2023-34338 was published Jul 5, 2023
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to... High Unreviewed
CVE-2023-3371 was published Jun 27, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to... High Unreviewed
CVE-2023-2637 was published Jun 13, 2023
Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt... High Unreviewed
CVE-2023-0355 was published Mar 13, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed
CVE-2023-20038 was published Jan 20, 2023
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed
CVE-2022-2660 was published Dec 14, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29828 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29827 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... Critical Unreviewed
CVE-2022-29830 was published Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed
CVE-2022-29829 was published Nov 25, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco... High Unreviewed
CVE-2022-20868 was published Nov 4, 2022
ProTip! Advisories are also available from the GraphQL API