GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,400

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

70 advisories

Filter by severity

Sort by

Least recently updated

Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, and 2.6, use hard-coded... High Unreviewed

CVE-2021-43587 was published Dec 22, 2021

The use of a hard-coded cryptographic key significantly increases the possibility encrypted data... Moderate Unreviewed

CVE-2021-43552 was published Dec 28, 2021

An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed

CVE-2022-26020 was published May 13, 2022

The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0"... High Unreviewed

CVE-2018-10896 was published May 13, 2022

A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version... Critical Unreviewed

CVE-2017-14021 was published May 13, 2022

A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the... High Unreviewed

CVE-2019-10920 was published May 24, 2022

Metasys? ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a hardcoded RC2 key for... Critical Unreviewed

CVE-2019-7594 was published May 24, 2022

minerstat msOS before 2019-10-23 does not have a unique SSH key for each instance of the product. Critical Unreviewed

CVE-2019-19750 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... Moderate Unreviewed

CVE-2020-25233 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed

CVE-2020-25229 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... High Unreviewed

CVE-2020-25234 was published May 24, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),... Moderate Unreviewed

CVE-2020-25231 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... Moderate Unreviewed

CVE-2020-28391 was published May 24, 2022

A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET... Moderate Unreviewed

CVE-2020-28395 was published May 24, 2022

A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive ... Critical Unreviewed

CVE-2021-27389 was published May 24, 2022

A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),... High Unreviewed

CVE-2021-27392 was published May 24, 2022

The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key... High Unreviewed

CVE-2021-38461 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco... High Unreviewed

CVE-2022-20868 was published Nov 4, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... Critical Unreviewed

CVE-2022-29830 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29827 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29828 was published Nov 25, 2022

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions... High Unreviewed

CVE-2022-29829 was published Nov 25, 2022

Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a... High Unreviewed

CVE-2022-2660 was published Dec 14, 2022

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an... High Unreviewed

CVE-2023-20038 was published Jan 20, 2023

Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt... High Unreviewed

CVE-2023-0355 was published Mar 13, 2023

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

70 advisories