GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,562
Composer 4,198
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,914

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

413 advisories

Filter by severity

Sort by

Least recently updated

Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22770 was published Jan 23, 2024

Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause... High Unreviewed

CVE-2024-22771 was published Jan 23, 2024

Ubee DDW365 XCNDDW365 and DDW366 XCNDXW3WB devices have predictable default WPA2 PSKs that could... High Unreviewed

CVE-2024-23726 was published Jan 21, 2024

It is possible to download the configuration backup without authorization and decrypt included... High Unreviewed

CVE-2023-49256 was published Jan 12, 2024

The vulnerability allows a remote attacker to authenticate to the SSH service with root... High Unreviewed

CVE-2023-48251 was published Jan 10, 2024

The vulnerability allows a remote attacker to authenticate to the web application with high... High Unreviewed

CVE-2023-48250 was published Jan 10, 2024

An issue in Automatic Systems SOC FL9600 FastLine v.lego_T04E00 allows a remote attacker to... High Unreviewed

CVE-2023-37608 was published Jan 3, 2024

When installing the Net2 software a root certificate is installed into the trusted store. A... High Unreviewed

CVE-2023-43870 was published Dec 19, 2023

A hard-coded cryptographic private key used to sign JWT authentication tokens in ProLion... High Unreviewed

CVE-2023-36647 was published Dec 12, 2023

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login... High Unreviewed

CVE-2023-36651 was published Dec 12, 2023

The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard... High Unreviewed

CVE-2023-33413 was published Dec 7, 2023

When configured in debugging mode by an authenticated user with administrative... High Unreviewed

CVE-2023-40463 was published Dec 5, 2023

Several versions of ALEOS, including ALEOS 4.16.0, use a hardcoded SSL certificate... High Unreviewed

CVE-2023-40464 was published Dec 5, 2023

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to a hard-coded JWT... High Unreviewed

CVE-2023-47315 was published Nov 22, 2023

Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES... High Unreviewed

CVE-2023-48053 was published Nov 16, 2023

SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This... High Unreviewed

CVE-2023-48055 was published Nov 16, 2023

Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local... High Unreviewed

CVE-2023-44296 was published Nov 16, 2023

Symmetric encryption used to protect messages between the AppsAnywhere server and client can be... High Unreviewed

CVE-2023-41137 was published Nov 9, 2023

The Android Client application, when enrolled to the AppHub server, connects to an MQTT broker to... High Unreviewed

CVE-2023-46102 was published Oct 25, 2023

The vulnerability allows an unprivileged (untrusted) third- party application to arbitrary modify... High Unreviewed

CVE-2023-41372 was published Oct 25, 2023

The Hawk Console and Hawk Agent components of TIBCO Software Inc.'s TIBCO Hawk, TIBCO Hawk... High Unreviewed

CVE-2023-26219 was published Oct 25, 2023

SonicOS Use of Hard-coded Password vulnerability in the 'dynHandleBuyToolbar' demo function. High Unreviewed

CVE-2023-41713 was published Oct 18, 2023

The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers... High Unreviewed

CVE-2023-45226 was published Oct 10, 2023

A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only... High Unreviewed

CVE-2023-36380 was published Oct 10, 2023

All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device... High Unreviewed

CVE-2022-47891 was published Oct 3, 2023

Previous 1 2 3 4 5 … 16 17 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

413 advisories