GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,002
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
850
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
174 advisories
Filter by severity
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,...
Moderate
Unreviewed
CVE-2024-45259
was published
Oct 24, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The...
Moderate
Unreviewed
CVE-2024-41681
was published
Aug 13, 2024
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign...
Moderate
Unreviewed
CVE-2024-40719
was published
Aug 2, 2024
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not...
Moderate
Unreviewed
CVE-2024-37034
was published
Jul 27, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords...
Moderate
Unreviewed
CVE-2024-34113
was published
Jun 13, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2022-40745
was published
Apr 19, 2024
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not...
Moderate
Unreviewed
CVE-2024-29951
was published
Apr 17, 2024
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-3387
was published
Apr 10, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the...
Moderate
Unreviewed
CVE-2024-28755
was published
Apr 3, 2024
IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-32753
was published
Mar 22, 2024
An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps...
Moderate
Unreviewed
CVE-2024-22894
was published
Jan 30, 2024
Lantronix XPort sends weakly encoded credentials within web request headers.
Moderate
Unreviewed
CVE-2023-7237
was published
Jan 24, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20692
was published
Jan 9, 2024
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26941
was published
Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26943
was published
Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26942
was published
Dec 5, 2023
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to...
Moderate
Unreviewed
CVE-2023-48034
was published
Nov 27, 2023
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and...
Moderate
Unreviewed
CVE-2023-43757
was published
Nov 16, 2023
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47373
was published
Nov 9, 2023
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47368
was published
Nov 9, 2023
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers...
Moderate
Unreviewed
CVE-2023-47372
was published
Nov 9, 2023
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47366
was published
Nov 9, 2023
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to...
Moderate
Unreviewed
CVE-2023-47367
was published
Nov 9, 2023
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47370
was published
Nov 9, 2023
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers...
Moderate
Unreviewed
CVE-2023-47369
was published
Nov 9, 2023
ProTip!
Advisories are also available from the
GraphQL API