GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,434

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

174 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed

CVE-2024-45259 was published Oct 24, 2024

A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The... Moderate Unreviewed

CVE-2024-41681 was published Aug 13, 2024

The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign... Moderate Unreviewed

CVE-2024-40719 was published Aug 2, 2024

An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not... Moderate Unreviewed

CVE-2024-37034 was published Jul 27, 2024

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords... Moderate Unreviewed

CVE-2024-34113 was published Jun 13, 2024

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Moderate Unreviewed

CVE-2022-40745 was published Apr 19, 2024

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not... Moderate Unreviewed

CVE-2024-29951 was published Apr 17, 2024

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an... Moderate Unreviewed

CVE-2024-3387 was published Apr 10, 2024

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed

CVE-2024-28755 was published Apr 3, 2024

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2022-32753 was published Mar 22, 2024

An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps... Moderate Unreviewed

CVE-2024-22894 was published Jan 30, 2024

Lantronix XPort sends weakly encoded credentials within web request headers. Moderate Unreviewed

CVE-2023-7237 was published Jan 24, 2024

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-20692 was published Jan 9, 2024

Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26941 was published Dec 5, 2023

Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26943 was published Dec 5, 2023

Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26942 was published Dec 5, 2023

An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to... Moderate Unreviewed

CVE-2023-48034 was published Nov 27, 2023

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and... Moderate Unreviewed

CVE-2023-43757 was published Nov 16, 2023

The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to... Moderate Unreviewed

CVE-2023-47367 was published Nov 9, 2023

The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47370 was published Nov 9, 2023

The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47366 was published Nov 9, 2023

The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47368 was published Nov 9, 2023

The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed

CVE-2023-47372 was published Nov 9, 2023

The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers... Moderate Unreviewed

CVE-2023-47369 was published Nov 9, 2023

The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47373 was published Nov 9, 2023

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

174 advisories