Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

187 advisories

Loading
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed
CVE-2022-43460 was published Feb 13, 2023
An improper access control vulnerability exists prior to v6 that could allow an attacker to break... High Unreviewed
CVE-2023-23911 was published Mar 11, 2023
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote... High Unreviewed
CVE-2023-27389 was published Apr 11, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed
CVE-2023-30351 was published May 10, 2023
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40... High Unreviewed
CVE-2022-4048 was published May 15, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app... High Unreviewed
CVE-2023-32414 was published Jun 23, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed
CVE-2023-36539 was published Jun 30, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption... High Unreviewed
CVE-2023-34337 was published Jul 5, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with... High Unreviewed
CVE-2022-2640 was published Jul 6, 2023
Rockwell Automation ThinManager product allows the use of medium strength ciphers.  If the... High Unreviewed
CVE-2023-2443 was published Jul 6, 2023
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000... High Unreviewed
CVE-2023-20185 was published Jul 12, 2023
The BigFix WebUI uses weak cipher suites. High Unreviewed
CVE-2023-28021 was published Jul 18, 2023
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27... High Unreviewed
CVE-2023-0525 was published Aug 4, 2023
An inadequate encryption strength vulnerability has been reported to affect QNAP operating... High Unreviewed
CVE-2023-34971 was published Aug 24, 2023
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS... High Unreviewed
CVE-2023-41305 was published Sep 27, 2023
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength... High Unreviewed
CVE-2023-4129 was published Sep 27, 2023
An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated... High Unreviewed
CVE-2023-30132 was published Oct 19, 2023
esptool allows attackers to view sensitive information via weak cryptographic algorithm High
CVE-2023-46894 was published for esptool (pip) Nov 9, 2023
upydev has weak encryption padding High
CVE-2023-48051 was published for upydev (pip) Nov 21, 2023
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers High
CVE-2024-23656 was published for github.com/dexidp/dex (Go) Jan 26, 2024
tuminoid
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic... High Unreviewed
CVE-2024-25102 was published Mar 6, 2024
This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm ... High Unreviewed
CVE-2024-1224 was published Mar 6, 2024
Cilium has insecure IPsec transport encryption High
CVE-2024-28860 was published for github.com/cilium/cilium (Go) Mar 28, 2024
pchaigno NikAleksandrov
iokill marshrayms
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa... High Unreviewed
CVE-2024-29950 was published Apr 17, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0... High Unreviewed
CVE-2024-29969 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database