Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

71 advisories

Loading
The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key... High Unreviewed
CVE-2021-38461 was published May 24, 2022
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),... High Unreviewed
CVE-2021-27392 was published May 24, 2022
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive ... Critical Unreviewed
CVE-2021-27389 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET... Moderate Unreviewed
CVE-2020-28395 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed
CVE-2020-28391 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... High Unreviewed
CVE-2020-25234 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... Moderate Unreviewed
CVE-2020-25231 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25229 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Moderate Unreviewed
CVE-2020-25233 was published May 24, 2022
minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product. Critical Unreviewed
CVE-2019-19750 was published May 24, 2022
Metasys? ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for... Critical Unreviewed
CVE-2019-7594 was published May 24, 2022
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the... High Unreviewed
CVE-2019-10920 was published May 24, 2022
Use of Hard-coded Cryptographic Key in Apache Tomcat Moderate
CVE-2011-5064 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version... Critical Unreviewed
CVE-2017-14021 was published May 13, 2022
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0"... High Unreviewed
CVE-2018-10896 was published May 13, 2022
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
Use of Hard-coded Cryptographic Key in Netmaker High
CVE-2022-23650 was published for github.com/gravitl/netmaker (Go) Feb 22, 2022
JamieSlome MrSuicideParrot
Use of Hard-coded Cryptographic Key in Netmaker High
CVE-2022-0664 was published for github.com/gravitl/netmaker (Go) Feb 19, 2022
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data... Moderate Unreviewed
CVE-2021-43552 was published Dec 28, 2021
Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded... High Unreviewed
CVE-2021-43587 was published Dec 22, 2021
Hard coded cryptographic key in Kiali High
CVE-2020-1764 was published for github.com/kiali/kiali (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API