GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,198
Composer 4,343
Erlang 31
GitHub Actions 22
Go 2,107
Maven 5,283
npm 3,764
NuGet 679
pip 3,452
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,229

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

386 advisories

Filter by severity

Sort by

Least recently updated

An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated... High Unreviewed

CVE-2023-30132 was published Oct 19, 2023

Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure... Moderate Unreviewed

CVE-2023-43776 was published Oct 17, 2023

Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength... High Unreviewed

CVE-2023-4129 was published Sep 27, 2023

Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS... High Unreviewed

CVE-2023-41305 was published Sep 27, 2023

An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are... Moderate Unreviewed

CVE-2022-46783 was published Aug 28, 2023

An inadequate encryption strength vulnerability has been reported to affect QNAP operating... High Unreviewed

CVE-2023-34971 was published Aug 24, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4333 was published Aug 15, 2023

Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27... High Unreviewed

CVE-2023-0525 was published Aug 4, 2023

The BigFix WebUI uses weak cipher suites. High Unreviewed

CVE-2023-28021 was published Jul 18, 2023

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying... Moderate Unreviewed

CVE-2023-20942 was published Jul 13, 2023

A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000... High Unreviewed

CVE-2023-20185 was published Jul 12, 2023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... Moderate Unreviewed

CVE-2023-36748 was published Jul 11, 2023

Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the... High Unreviewed

CVE-2023-2443 was published Jul 6, 2023

HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when... Unknown Unreviewed

CVE-2023-2197 was published Jul 6, 2023

Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed

CVE-2023-24502 was published Jul 6, 2023

The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with... High Unreviewed

CVE-2022-2640 was published Jul 6, 2023

AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption... High Unreviewed

CVE-2023-34337 was published Jul 5, 2023

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it... Moderate Unreviewed

CVE-2023-37301 was published Jun 30, 2023

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed

CVE-2023-36539 was published Jun 30, 2023

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app... High Unreviewed

CVE-2023-32414 was published Jun 23, 2023

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains... Moderate Unreviewed

CVE-2023-33283 was published Jun 7, 2023

Under certain circumstances, a call to the <code>bind</code> function may have resulted in the... Moderate Unreviewed

CVE-2023-29549 was published Jun 2, 2023

A compromised web child process could disable web security opening restrictions, leading to a new... Moderate Unreviewed

CVE-2023-23597 was published Jun 2, 2023

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can... Moderate Unreviewed

CVE-2023-33982 was published May 24, 2023

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool... Moderate Unreviewed

CVE-2023-1764 was published May 17, 2023

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

386 advisories