GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,960
Composer 4,279
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,421
Pub 12
RubyGems 891
Rust 873
Swift 36

Unreviewed advisories

All unreviewed 238,851

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

383 advisories

Filter by severity

Sort by

Least recently updated

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app... High Unreviewed

CVE-2023-32414 was published Jun 23, 2023

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it... Moderate Unreviewed

CVE-2023-37301 was published Jun 30, 2023

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software... High Unreviewed

CVE-2020-3549 was published May 24, 2022

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying... Moderate Unreviewed

CVE-2023-20942 was published Jul 13, 2023

Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows... Low Unreviewed

CVE-2023-6728 was published Oct 17, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed

CVE-2024-45259 was published Oct 24, 2024

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,... Moderate Unreviewed

CVE-2013-2566 was published May 13, 2022

An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed

CVE-2024-45273 was published Oct 15, 2024

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive... High Unreviewed

CVE-2024-41594 was published Oct 3, 2024

The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain... High Unreviewed

CVE-2024-8455 was published Sep 30, 2024

OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. High Unreviewed

CVE-2024-22892 was published Sep 25, 2024

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4333 was published Aug 15, 2023

An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not... Moderate Unreviewed

CVE-2024-37034 was published Jul 27, 2024

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed

CVE-2022-1252 was published Apr 12, 2022

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed

CVE-2023-36539 was published Jun 30, 2023

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed

CVE-2024-28755 was published Apr 3, 2024

Insufficient or weak TLS protocol version identified in Advance authentication client server... High Unreviewed

CVE-2021-38121 was published Aug 28, 2024

Inadequate encryption strength for some BMRA software before version 22.08 may allow an... High Unreviewed

CVE-2024-21787 was published Aug 14, 2024

A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The... Moderate Unreviewed

CVE-2024-41681 was published Aug 13, 2024

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation... High Unreviewed

CVE-2024-5800 was published Aug 12, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... High Unreviewed

CVE-2024-42163 was published Aug 12, 2024

Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary... High Unreviewed

CVE-2024-21881 was published Aug 12, 2024

Under certain circumstances the communication between exacqVision Client and exacqVision Server... Critical Unreviewed

CVE-2024-32758 was published Aug 2, 2024

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC... High Unreviewed

CVE-2024-38867 was published Jul 9, 2024

The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign... Moderate Unreviewed

CVE-2024-40719 was published Aug 2, 2024

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

383 advisories