GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
381 advisories
Filter by severity
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
Moderate
Unreviewed
CVE-2024-45259
was published
Oct 24, 2024
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows...
Low
Unreviewed
CVE-2023-6728
was published
Oct 17, 2024
An unauthenticated local attacker can decrypt the devices config file and therefore compromise...
High
Unreviewed
CVE-2024-45273
was published
Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive...
High
Unreviewed
CVE-2024-41594
was published
Oct 3, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain...
High
Unreviewed
CVE-2024-8455
was published
Sep 30, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
High
Unreviewed
CVE-2024-22892
was published
Sep 25, 2024
Insufficient or weak TLS protocol version identified in Advance authentication client server...
High
Unreviewed
CVE-2021-38121
was published
Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an...
High
Unreviewed
CVE-2024-21787
was published
Aug 14, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The...
Moderate
Unreviewed
CVE-2024-41681
was published
Aug 13, 2024
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation...
High
Unreviewed
CVE-2024-5800
was published
Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
High
Unreviewed
CVE-2024-42163
was published
Aug 12, 2024
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary...
High
Unreviewed
CVE-2024-21881
was published
Aug 12, 2024
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign...
Moderate
Unreviewed
CVE-2024-40719
was published
Aug 2, 2024
Under certain circumstances the communication between exacqVision Client and exacqVision Server...
Critical
Unreviewed
CVE-2024-32758
was published
Aug 2, 2024
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not...
Moderate
Unreviewed
CVE-2024-37034
was published
Jul 27, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC...
High
Unreviewed
CVE-2024-38867
was published
Jul 9, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low
Unreviewed
CVE-2024-30119
was published
Jun 15, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords...
Moderate
Unreviewed
CVE-2024-34113
was published
Jun 13, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2022-40745
was published
Apr 19, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0...
High
Unreviewed
CVE-2024-29969
was published
Apr 19, 2024
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not...
Moderate
Unreviewed
CVE-2024-29951
was published
Apr 17, 2024
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa...
High
Unreviewed
CVE-2024-29950
was published
Apr 17, 2024
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-3387
was published
Apr 10, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the...
Moderate
Unreviewed
CVE-2024-28755
was published
Apr 3, 2024
ProTip!
Advisories are also available from the
GraphQL API