GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
184 advisories
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000...
High | Unreviewed | CVE-2023-20185 was published Jul 12, 2023
Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the...
High | Unreviewed | CVE-2023-2443 was published Jul 6, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with...
High | Unreviewed | CVE-2022-2640 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption...
High | Unreviewed | CVE-2023-34337 was published Jul 5, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High | Unreviewed | CVE-2023-36539 was published Jun 30, 2023
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40...
High | Unreviewed | CVE-2022-4048 was published May 15, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard...
High | Unreviewed | CVE-2023-30351 was published May 10, 2023
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote...
High | Unreviewed | CVE-2023-27389 was published Apr 11, 2023
An improper access control vulnerability exists prior to v6 that could allow an attacker to break...
High | Unreviewed | CVE-2023-23911 was published Mar 11, 2023
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a...
High | Unreviewed | CVE-2022-43460 was published Feb 13, 2023
Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows...
High | Unreviewed | CVE-2023-21443 was published Feb 9, 2023
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers...
High | Unreviewed | CVE-2023-21444 was published Feb 9, 2023
An unauthorized user with network access and the decryption key could decrypt sensitive data,...
High | Unreviewed | CVE-2022-38469 was published Jan 18, 2023
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is...
High | Unreviewed | CVE-2022-38659 was published Dec 19, 2022
Whole-script approval in Jenkins Script Security Plugin vulnerable to SHA-1 collisions
High | CVE-2022-45379 was published for org.jenkins-ci.plugins:script-security (Maven) Nov 16, 2022
The application was signed using a key length less than or equal to 1024 bits, making it...
High | Unreviewed | CVE-2020-4099 was published Nov 1, 2022
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
High | CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022
A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to...
High | Unreviewed | CVE-2022-40141 was published Sep 20, 2022
Blink1Control2 uses weak password encryption
High | CVE-2022-35513 was published for Blink1Control2 (npm) Sep 8, 2022
The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which...
High | Unreviewed | CVE-2022-2083 was published Sep 6, 2022
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an...
High | Unreviewed | CVE-2022-21139 was published Aug 19, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's...
High | Unreviewed | CVE-2022-37401 was published Aug 16, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's...
High | Unreviewed | CVE-2022-37400 was published Aug 16, 2022
On specific devices, there is a possible bypass of configuration integrity due to improperly used...
High | Unreviewed | CVE-2022-20374 was published Aug 12, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration...
High | Unreviewed | CVE-2022-26307 was published Jul 26, 2022
ProTip! Advisories are also available from the GraphQL API.