Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

185 advisories

Loading
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47372 was published Nov 9, 2023
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47364 was published Nov 9, 2023
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47363 was published Nov 9, 2023
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47365 was published Nov 9, 2023
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Moderate Unreviewed
CVE-2022-48193 was published Nov 6, 2023
mycli has Inadequate Encryption Strength Moderate
CVE-2023-44690 was published for mycli (pip) Oct 20, 2023
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure... Moderate Unreviewed
CVE-2023-43776 was published Oct 17, 2023
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are... Moderate Unreviewed
CVE-2022-46783 was published Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4333 was published Aug 15, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... Moderate Unreviewed
CVE-2023-36748 was published Jul 11, 2023
Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed
CVE-2023-24502 was published Jul 6, 2023
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains... Moderate Unreviewed
CVE-2023-33283 was published Jun 7, 2023
Under certain circumstances, a call to the <code>bind</code> function may have resulted in the... Moderate Unreviewed
CVE-2023-29549 was published Jun 2, 2023
A compromised web child process could disable web security opening restrictions, leading to a new... Moderate Unreviewed
CVE-2023-23597 was published Jun 2, 2023
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can... Moderate Unreviewed
CVE-2023-33982 was published May 24, 2023
Dgraph Audit Log Encryption Vulnerability Moderate
CVE-2023-31135 was published for github.com/dgraph-io/dgraph (Go) May 17, 2023
HakuPiku joshua-goldstein
skrdgraph
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool... Moderate Unreviewed
CVE-2023-1764 was published May 17, 2023
Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)... Moderate Unreviewed
CVE-2023-28124 was published Apr 19, 2023
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE... Moderate Unreviewed
CVE-2023-29054 was published Apr 11, 2023
Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for... Moderate Unreviewed
CVE-2023-22271 was published Mar 22, 2023
SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version... Moderate Unreviewed
CVE-2022-34385 was published Feb 11, 2023
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A... Moderate Unreviewed
CVE-2022-34445 was published Feb 11, 2023
DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed
CVE-2021-40341 was published Jan 6, 2023
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field Moderate
CVE-2022-2582 was published for github.com/aws/aws-sdk-go (Go) Dec 28, 2022
knqyf263
When viewing an email message A, which contains an attached message B, where B is encrypted or... Moderate Unreviewed
CVE-2022-1520 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database