GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
371 advisories
Filter by severity
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660
was published
Nov 6, 2023
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits...
Moderate
Unreviewed
CVE-2024-28834
was published
Mar 21, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-20070
was published
Jun 3, 2024
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-43189
was published
Nov 15, 2024
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user...
Moderate
Unreviewed
CVE-2020-11916
was published
Nov 7, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as...
Moderate
Unreviewed
CVE-2024-10128
was published
Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a...
Moderate
Unreviewed
CVE-2024-48016
was published
Oct 18, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By...
High
Unreviewed
CVE-2023-3350
was published
Oct 3, 2023
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to...
Moderate
Unreviewed
CVE-2023-40371
was published
Aug 24, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37396
was published
Apr 19, 2024
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky...
High
Unreviewed
CVE-2024-39583
was published
Sep 10, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-37068
was published
Sep 7, 2024
There is a possible escalation of privilege due to improperly used crypto. This could lead to...
Critical
Unreviewed
CVE-2024-32911
was published
Jun 13, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation...
Critical
Unreviewed
CVE-2024-0323
was published
Feb 5, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash...
High
Unreviewed
CVE-2024-4765
was published
May 14, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39745
was published
Aug 22, 2024
ProTip!
Advisories are also available from the
GraphQL API