GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Filter by severity
Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High
Unreviewed
CVE-2023-30602
was published
Jul 6, 2023
Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what...
High
Unreviewed
CVE-2023-4537
was published
Feb 15, 2024
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography...
High
Unreviewed
CVE-2024-0220
was published
Feb 22, 2024
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High
Unreviewed
CVE-2023-33837
was published
Oct 23, 2023
Credentials to access device configuration were transmitted using an unencrypted protocol. These...
High
Unreviewed
CVE-2024-42495
was published
Sep 6, 2024
Vulnerability of missing encryption in the card management module. Successful exploitation of...
High
Unreviewed
CVE-2023-44098
was published
Nov 8, 2023
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-42657
was published
Aug 19, 2024
Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue...
High
Unreviewed
CVE-2024-7396
was published
Aug 5, 2024
** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled....
High
Unreviewed
CVE-2020-35587
was published
May 24, 2022
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way...
High
Unreviewed
CVE-2020-10273
was published
May 24, 2022
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to...
High
Unreviewed
CVE-2022-22401
was published
Sep 9, 2023
A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to...
High
Unreviewed
CVE-2023-4420
was published
Aug 24, 2023
An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive...
High
Unreviewed
CVE-2023-31822
was published
Jul 13, 2023
An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain...
High
Unreviewed
CVE-2023-31819
was published
Jul 13, 2023
An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive...
High
Unreviewed
CVE-2023-31825
was published
Jul 13, 2023
An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive...
High
Unreviewed
CVE-2023-31820
was published
Jul 13, 2023
Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored...
High
Unreviewed
CVE-2023-37192
was published
Jul 7, 2023
The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal...
High
Unreviewed
CVE-2022-41627
was published
Jul 6, 2023
An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely...
High
Unreviewed
CVE-2023-34258
was published
May 31, 2023
Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data...
High
Unreviewed
CVE-2023-28045
was published
May 19, 2023
The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is...
High
Unreviewed
CVE-2023-32290
was published
May 7, 2023
Universal Robots control box CB 3.1 across firmware versions (tested on 1.12.1, 1.12, 1.11 and 1...
High
Unreviewed
CVE-2020-10267
was published
May 24, 2022
Search Guard versions before 23.1 had an issue that for aggregations clear text values of...
High
Unreviewed
CVE-2019-13419
was published
May 24, 2022
evolution-data-server3 3.0.3 through 3.2.1 used insecure (non-SSL) connection when attempting to...
High
Unreviewed
CVE-2011-3355
was published
Apr 22, 2022
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
High
Unreviewed
CVE-2023-33037
was published
Jan 2, 2024
ProTip!
Advisories are also available from the
GraphQL API