Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Sprecher Automations SPRECON-E-C,  SPRECON-E-P, SPRECON-E-T3 is vulnerable to attack by an... Critical Unreviewed
CVE-2025-41742 was published Dec 2, 2025
Sprecher Automations SPRECON-E series uses default cryptographic keys that allow an unprivileged... Critical Unreviewed
CVE-2025-41744 was published Dec 2, 2025
Use of Default Cryptographic Key (CWE-1394) Critical Unreviewed
CVE-2025-55049 was published Sep 9, 2025
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH private key for a root... Critical Unreviewed
CVE-2025-44954 was published Aug 4, 2025
Milestone Systems has discovered a security vulnerability in Milestone XProtect installer that... Moderate Unreviewed
CVE-2025-1688 was published Apr 15, 2025
There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and earlier and later versions. Moderate Unreviewed
CVE-2025-26849 was published Mar 4, 2025
Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a... Critical Unreviewed
CVE-2024-48956 was published Dec 9, 2024
A vulnerability, which was classified as problematic, has been found in macrozheng mall up to 1.0... Low Unreviewed
CVE-2024-11619 was published Nov 22, 2024
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up... Low Unreviewed
CVE-2024-10748 was published Nov 4, 2024
Use of Default Cryptographic Key vulnerability in Baxter Welch Ally Connex Spot Monitor may allow... Unknown Unreviewed
CVE-2024-1275 was published May 31, 2024
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows... High Unreviewed
CVE-2023-6451 was published Feb 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database