Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,189
NuGet
742
pip
3,968
Pub
12
RubyGems
947
Rust
1,030
Swift
39
Unreviewed advisories
All unreviewed
5,000+

142 advisories

Loading
IBM Cognos Controller 11.0.0 through 11.0.1, and IBM Controller 11.1.0 through 11.1.1 could allow... Low Unreviewed
CVE-2025-36326 was published Sep 26, 2025
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 decrypt BLE packet data by using the... Moderate Unreviewed
CVE-2025-60250 was published Sep 26, 2025
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click... Moderate Unreviewed
CVE-2025-58069 was published Sep 24, 2025
The secret used for validating authentication tokens is hardcoded in device firmware for... Critical Unreviewed
CVE-2025-54807 was published Sep 18, 2025
Out-of-support Control-M/Agent versions 9.0.18 to 9.0.20 (and potentially earlier unsupported... High Unreviewed
CVE-2025-55112 was published Sep 16, 2025
An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4... Critical Unreviewed
CVE-2025-57174 was published Sep 15, 2025
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a... Low Unreviewed
CVE-2025-30200 was published Sep 5, 2025
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a... Low Unreviewed
CVE-2025-30198 was published Sep 5, 2025
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-56577 was published Aug 29, 2025
The JWT secret key is embedded in the egOS WebGUI backend and is readable to the default user. An... Critical Unreviewed
CVE-2025-41702 was published Aug 26, 2025
Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encryption key and... Critical Unreviewed
CVE-2025-55619 was published Aug 22, 2025
A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic... Moderate Unreviewed
CVE-2025-2810 was published Aug 5, 2025
Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, contain a Use of Hard-coded... High Unreviewed
CVE-2025-26476 was published Aug 4, 2025
Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An... High Unreviewed
CVE-2025-38741 was published Aug 4, 2025
RUCKUS Network Director (RND) before 4.5 allows spoofing of an administrator JWT by an attacker... Critical Unreviewed
CVE-2025-44963 was published Aug 4, 2025
A potential security vulnerability has been identified in the Poly Clariti Manager for versions... Moderate Unreviewed
CVE-2025-43483 was published Jul 23, 2025
Use of hardcoded cryptographic key in Encryption.cs in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52374 was published Jul 21, 2025
Use of hardcoded cryptographic key in BlowFish.cpp in hMailServer 5.8.6 and 5.6.9-beta allows... Moderate Unreviewed
CVE-2025-52373 was published Jul 21, 2025
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. When the... Moderate Unreviewed
CVE-2025-6074 was published Jul 3, 2025
Use of Hard-coded Cryptographic Key vulnerability in ABB RMC-100, ABB RMC-100 LITE. An attacker... Moderate Unreviewed
CVE-2025-6071 was published Jul 3, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-5353 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.0.0 allows a local authenticated... High Unreviewed
CVE-2025-22455 was published Jun 10, 2025
A hardcoded key in Ivanti Workspace Control before version 10.19.10.0 allows a local... High Unreviewed
CVE-2025-22463 was published Jun 10, 2025
Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of... Moderate Unreviewed
CVE-2025-49164 was published Jun 3, 2025
The certificate and private key used for providing transport layer security for connections to... Moderate Unreviewed
CVE-2025-48417 was published May 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database