GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

381 advisories

Filter by severity

Sort by

Least recently updated

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying... Moderate Unreviewed

CVE-2023-20942 was published Jul 13, 2023

Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows... Low Unreviewed

CVE-2023-6728 was published Oct 17, 2024

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed

CVE-2024-45259 was published Oct 24, 2024

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,... Moderate Unreviewed

CVE-2013-2566 was published May 13, 2022

An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed

CVE-2024-45273 was published Oct 15, 2024

An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive... High Unreviewed

CVE-2024-41594 was published Oct 3, 2024

The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain... High Unreviewed

CVE-2024-8455 was published Sep 30, 2024

OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. High Unreviewed

CVE-2024-22892 was published Sep 25, 2024

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4333 was published Aug 15, 2023

An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not... Moderate Unreviewed

CVE-2024-37034 was published Jul 27, 2024

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed

CVE-2022-1252 was published Apr 12, 2022

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed

CVE-2023-36539 was published Jun 30, 2023

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed

CVE-2024-28755 was published Apr 3, 2024

Insufficient or weak TLS protocol version identified in Advance authentication client server... High Unreviewed

CVE-2021-38121 was published Aug 28, 2024

Inadequate encryption strength for some BMRA software before version 22.08 may allow an... High Unreviewed

CVE-2024-21787 was published Aug 14, 2024

A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The... Moderate Unreviewed

CVE-2024-41681 was published Aug 13, 2024

Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation... High Unreviewed

CVE-2024-5800 was published Aug 12, 2024

Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow... High Unreviewed

CVE-2024-42163 was published Aug 12, 2024

Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary... High Unreviewed

CVE-2024-21881 was published Aug 12, 2024

Under certain circumstances the communication between exacqVision Client and exacqVision Server... Critical Unreviewed

CVE-2024-32758 was published Aug 2, 2024

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC... High Unreviewed

CVE-2024-38867 was published Jul 9, 2024

The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign... Moderate Unreviewed

CVE-2024-40719 was published Aug 2, 2024

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords... Moderate Unreviewed

CVE-2024-34113 was published Jun 13, 2024

HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This... Low Unreviewed

CVE-2024-30119 was published Jun 15, 2024

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2... Critical Unreviewed

CVE-2017-11317 was published May 13, 2022

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

381 advisories