Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Hard-Coded Key Used For Remember-me Token in Opencast Moderate
CVE-2020-5222 was published for org.opencastproject:opencast-kernel (Maven) Jan 30, 2020
LukasKalbertodt
Use of Hard-coded Credentials in Nacos High
CVE-2021-43116 was published for com.alibaba.nacos:nacos-client (Maven) Jul 6, 2022
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
keycloak vulnerable to unauthorized login via mail server setup Critical
CVE-2019-14837 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
jhutchings1
Dromara Lamp-Cloud Use of Hard-coded Cryptographic Key High
CVE-2023-31579 was published for top.tangyh.basic:lamp-core (Maven) Nov 3, 2023
Sureness uses hardcoded key Critical
CVE-2023-31581 was published for com.usthe.sureness:sureness-core (Maven) Oct 25, 2023
Hard-coded credentials in org.folio:mod-data-export-spring Critical
CVE-2024-23687 was published for org.folio:mod-data-export-spring (Maven) Jan 20, 2024
Hard-coded credentials in org.folio:mod-remote-storage Moderate
CVE-2024-23685 was published for org.folio:mod-remote-storage (Maven) Jan 19, 2024
Apache Submarine Commons Utils has a hard-coded secret Moderate
CVE-2024-36264 was published for apache-submarine (Maven) Jun 12, 2024
Duplicate Advisory: Keycloak Build Process Exposes Sensitive Data Moderate
GHSA-jcgg-mg9g-p9wf was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 25, 2024 withdrawn
Keycloak Build Process Exposes Sensitive Data High
CVE-2024-10451 was published for org.keycloak:keycloak-quarkus-server (Maven) Nov 25, 2024
shawkins
ProTip! Advisories are also available from the GraphQL API