GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
164 advisories
Filter by severity
An unauthenticated local attacker can decrypt the devices config file and therefore compromise...
High
Unreviewed
CVE-2024-45273
was published
Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive...
High
Unreviewed
CVE-2024-41594
was published
Oct 3, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain...
High
Unreviewed
CVE-2024-8455
was published
Sep 30, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
High
Unreviewed
CVE-2024-22892
was published
Sep 25, 2024
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539
was published
Jun 30, 2023
Insufficient or weak TLS protocol version identified in Advance authentication client server...
High
Unreviewed
CVE-2021-38121
was published
Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an...
High
Unreviewed
CVE-2024-21787
was published
Aug 14, 2024
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation...
High
Unreviewed
CVE-2024-5800
was published
Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
High
Unreviewed
CVE-2024-42163
was published
Aug 12, 2024
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary...
High
Unreviewed
CVE-2024-21881
was published
Aug 12, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC...
High
Unreviewed
CVE-2024-38867
was published
Jul 9, 2024
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is...
High
Unreviewed
CVE-2021-23839
was published
May 24, 2022
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0...
High
Unreviewed
CVE-2024-29969
was published
Apr 19, 2024
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa...
High
Unreviewed
CVE-2024-29950
was published
Apr 17, 2024
An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated...
High
Unreviewed
CVE-2023-30132
was published
Oct 19, 2023
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength...
High
Unreviewed
CVE-2023-4129
was published
Sep 27, 2023
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS...
High
Unreviewed
CVE-2023-41305
was published
Sep 27, 2023
An inadequate encryption strength vulnerability has been reported to affect QNAP operating...
High
Unreviewed
CVE-2023-34971
was published
Aug 24, 2023
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27...
High
Unreviewed
CVE-2023-0525
was published
Aug 4, 2023
Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the...
High
Unreviewed
CVE-2023-2443
was published
Jul 6, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with...
High
Unreviewed
CVE-2022-2640
was published
Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption...
High
Unreviewed
CVE-2023-34337
was published
Jul 5, 2023
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40...
High
Unreviewed
CVE-2022-4048
was published
May 15, 2023
ProTip!
Advisories are also available from the
GraphQL API