GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
174 advisories
Filter by severity
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying...
Moderate
Unreviewed
CVE-2023-20942
was published
Jul 13, 2023
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
Moderate
Unreviewed
CVE-2024-45259
was published
Oct 24, 2024
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,...
Moderate
Unreviewed
CVE-2013-2566
was published
May 13, 2022
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4333
was published
Aug 15, 2023
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not...
Moderate
Unreviewed
CVE-2024-37034
was published
Jul 27, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the...
Moderate
Unreviewed
CVE-2024-28755
was published
Apr 3, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The...
Moderate
Unreviewed
CVE-2024-41681
was published
Aug 13, 2024
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign...
Moderate
Unreviewed
CVE-2024-40719
was published
Aug 2, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords...
Moderate
Unreviewed
CVE-2024-34113
was published
Jun 13, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2022-40745
was published
Apr 19, 2024
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not...
Moderate
Unreviewed
CVE-2024-29951
was published
Apr 17, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20692
was published
Jan 9, 2024
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains...
Moderate
Unreviewed
CVE-2023-33283
was published
Jun 7, 2023
Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)...
Moderate
Unreviewed
CVE-2023-28124
was published
Apr 19, 2023
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-3387
was published
Apr 10, 2024
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure...
Moderate
Unreviewed
CVE-2023-43776
was published
Oct 17, 2023
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are...
Moderate
Unreviewed
CVE-2022-46783
was published
Aug 28, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM...
Moderate
Unreviewed
CVE-2023-36748
was published
Jul 11, 2023
Electra Central AC unit – The unit opens an AP with an easily calculated password.
Moderate
Unreviewed
CVE-2023-24502
was published
Jul 6, 2023
Under certain circumstances, a call to the <code>bind</code> function may have resulted in the...
Moderate
Unreviewed
CVE-2023-29549
was published
Jun 2, 2023
A compromised web child process could disable web security opening restrictions, leading to a new...
Moderate
Unreviewed
CVE-2023-23597
was published
Jun 2, 2023
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can...
Moderate
Unreviewed
CVE-2023-33982
was published
May 24, 2023
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool...
Moderate
Unreviewed
CVE-2023-1764
was published
May 17, 2023
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate
Unreviewed
CVE-2020-5943
was published
May 24, 2022
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular...
Moderate
Unreviewed
CVE-2020-11735
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API