Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

164 advisories

Loading
An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed
CVE-2024-45273 was published Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive... High Unreviewed
CVE-2024-41594 was published Oct 3, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain... High Unreviewed
CVE-2024-8455 was published Sep 30, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. High Unreviewed
CVE-2024-22892 was published Sep 25, 2024
Insufficient or weak TLS protocol version identified in Advance authentication client server... High Unreviewed
CVE-2021-38121 was published Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an... High Unreviewed
CVE-2024-21787 was published Aug 14, 2024
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation... High Unreviewed
CVE-2024-5800 was published Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... High Unreviewed
CVE-2024-42163 was published Aug 12, 2024
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary... High Unreviewed
CVE-2024-21881 was published Aug 12, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC... High Unreviewed
CVE-2024-38867 was published Jul 9, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0... High Unreviewed
CVE-2024-29969 was published Apr 19, 2024
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa... High Unreviewed
CVE-2024-29950 was published Apr 17, 2024
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic... High Unreviewed
CVE-2024-25102 was published Mar 6, 2024
This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm ... High Unreviewed
CVE-2024-1224 was published Mar 6, 2024
An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated... High Unreviewed
CVE-2023-30132 was published Oct 19, 2023
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength... High Unreviewed
CVE-2023-4129 was published Sep 27, 2023
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS... High Unreviewed
CVE-2023-41305 was published Sep 27, 2023
An inadequate encryption strength vulnerability has been reported to affect QNAP operating... High Unreviewed
CVE-2023-34971 was published Aug 24, 2023
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27... High Unreviewed
CVE-2023-0525 was published Aug 4, 2023
The BigFix WebUI uses weak cipher suites. High Unreviewed
CVE-2023-28021 was published Jul 18, 2023
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000... High Unreviewed
CVE-2023-20185 was published Jul 12, 2023
Rockwell Automation ThinManager product allows the use of medium strength ciphers.  If the... High Unreviewed
CVE-2023-2443 was published Jul 6, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with... High Unreviewed
CVE-2022-2640 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption... High Unreviewed
CVE-2023-34337 was published Jul 5, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed
CVE-2023-36539 was published Jun 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database