GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
381 advisories
Filter by severity
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software...
High
Unreviewed
CVE-2020-3549
was published
May 24, 2022
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying...
Moderate
Unreviewed
CVE-2023-20942
was published
Jul 13, 2023
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows...
Low
Unreviewed
CVE-2023-6728
was published
Oct 17, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
Moderate
Unreviewed
CVE-2024-45259
was published
Oct 24, 2024
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,...
Moderate
Unreviewed
CVE-2013-2566
was published
May 13, 2022
An unauthenticated local attacker can decrypt the devices config file and therefore compromise...
High
Unreviewed
CVE-2024-45273
was published
Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive...
High
Unreviewed
CVE-2024-41594
was published
Oct 3, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain...
High
Unreviewed
CVE-2024-8455
was published
Sep 30, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
High
Unreviewed
CVE-2024-22892
was published
Sep 25, 2024
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4333
was published
Aug 15, 2023
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not...
Moderate
Unreviewed
CVE-2024-37034
was published
Jul 27, 2024
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539
was published
Jun 30, 2023
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the...
Moderate
Unreviewed
CVE-2024-28755
was published
Apr 3, 2024
Insufficient or weak TLS protocol version identified in Advance authentication client server...
High
Unreviewed
CVE-2021-38121
was published
Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an...
High
Unreviewed
CVE-2024-21787
was published
Aug 14, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The...
Moderate
Unreviewed
CVE-2024-41681
was published
Aug 13, 2024
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation...
High
Unreviewed
CVE-2024-5800
was published
Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
High
Unreviewed
CVE-2024-42163
was published
Aug 12, 2024
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary...
High
Unreviewed
CVE-2024-21881
was published
Aug 12, 2024
Under certain circumstances the communication between exacqVision Client and exacqVision Server...
Critical
Unreviewed
CVE-2024-32758
was published
Aug 2, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC...
High
Unreviewed
CVE-2024-38867
was published
Jul 9, 2024
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign...
Moderate
Unreviewed
CVE-2024-40719
was published
Aug 2, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords...
Moderate
Unreviewed
CVE-2024-34113
was published
Jun 13, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low
Unreviewed
CVE-2024-30119
was published
Jun 15, 2024
ProTip!
Advisories are also available from the
GraphQL API