GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
237 advisories
Filter by severity
AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific...
Moderate
Unreviewed
CVE-2023-21404
was published
May 8, 2023
Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High
Unreviewed
CVE-2023-30602
was published
Jul 6, 2023
Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what...
High
Unreviewed
CVE-2023-4537
was published
Feb 15, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2024-20515
was published
Oct 2, 2024
Missing encryption of sensitive data vulnerability in settings functionality in Synology Active...
Moderate
Unreviewed
CVE-2023-52948
was published
Sep 26, 2024
Missing encryption of sensitive data vulnerability in login component in Synology Active Backup...
Moderate
Unreviewed
CVE-2023-52950
was published
Sep 26, 2024
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate
Unreviewed
CVE-2023-41096
was published
Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ...
Critical
Unreviewed
CVE-2023-41095
was published
Oct 26, 2023
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography...
High
Unreviewed
CVE-2024-0220
was published
Feb 22, 2024
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High
Unreviewed
CVE-2023-33837
was published
Oct 23, 2023
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical...
Moderate
Unreviewed
CVE-2023-27291
was published
Mar 3, 2024
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2024-20503
was published
Sep 4, 2024
Credentials to access device configuration were transmitted using an unencrypted protocol. These...
High
Unreviewed
CVE-2024-42495
was published
Sep 6, 2024
Vulnerability of missing encryption in the card management module. Successful exploitation of...
High
Unreviewed
CVE-2023-44098
was published
Nov 8, 2023
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to...
Moderate
Unreviewed
CVE-2024-39746
was published
Aug 22, 2024
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain...
High
Unreviewed
CVE-2024-42657
was published
Aug 19, 2024
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-31905
was published
Aug 15, 2024
CVE-2024-40620 IMPACT
A vulnerability exists in the affected product due to lack of encryption...
Moderate
Unreviewed
CVE-2024-40620
was published
Aug 14, 2024
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.
Critical
Unreviewed
CVE-2024-29151
was published
Mar 18, 2024
Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue...
High
Unreviewed
CVE-2024-7396
was published
Aug 5, 2024
An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor,...
Moderate
Unreviewed
CVE-2023-49927
was published
Jun 5, 2024
Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data...
Moderate
Unreviewed
CVE-2024-38302
was published
Jul 18, 2024
** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled....
High
Unreviewed
CVE-2020-35587
was published
May 24, 2022
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...
Moderate
Unreviewed
CVE-2019-1547
was published
May 24, 2022
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow...
Moderate
Unreviewed
CVE-2024-5731
was published
Jun 14, 2024
ProTip!
Advisories are also available from the
GraphQL API