Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

425 advisories

Loading
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0... High Unreviewed
CVE-2024-29969 was published Apr 19, 2024
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not... Moderate Unreviewed
CVE-2024-29951 was published Apr 17, 2024
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa... High Unreviewed
CVE-2024-29950 was published Apr 17, 2024
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an... Moderate Unreviewed
CVE-2024-3387 was published Apr 10, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed
CVE-2024-28755 was published Apr 3, 2024
Cilium has insecure IPsec transport encryption High
CVE-2024-28860 was published for github.com/cilium/cilium (Go) Mar 28, 2024
pchaigno NikAleksandrov
iokill marshrayms
IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-32753 was published Mar 22, 2024
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic... High Unreviewed
CVE-2024-25102 was published Mar 6, 2024
This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm ... High Unreviewed
CVE-2024-1224 was published Mar 6, 2024
An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps... Moderate Unreviewed
CVE-2024-22894 was published Jan 30, 2024
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers High
CVE-2024-23656 was published for github.com/dexidp/dex (Go) Jan 26, 2024
tuminoid
Lantronix XPort sends weakly encoded credentials within web request headers. Moderate Unreviewed
CVE-2023-7237 was published Jan 24, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Moderate Unreviewed
CVE-2024-20692 was published Jan 9, 2024
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a... Moderate Unreviewed
CVE-2023-26943 was published Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a... Moderate Unreviewed
CVE-2023-26941 was published Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a... Moderate Unreviewed
CVE-2023-26942 was published Dec 5, 2023
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 ... Low Unreviewed
CVE-2023-28896 was published Dec 1, 2023
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to... Moderate Unreviewed
CVE-2023-48034 was published Nov 27, 2023
upydev has weak encryption padding High
CVE-2023-48051 was published for upydev (pip) Nov 21, 2023
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and... Moderate Unreviewed
CVE-2023-43757 was published Nov 16, 2023
esptool allows attackers to view sensitive information via weak cryptographic algorithm High
CVE-2023-46894 was published for esptool (pip) Nov 9, 2023
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47366 was published Nov 9, 2023
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47373 was published Nov 9, 2023
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47367 was published Nov 9, 2023
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47372 was published Nov 9, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database