Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

421 advisories

Loading
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47364 was published Nov 9, 2023
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47363 was published Nov 9, 2023
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47365 was published Nov 9, 2023
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Moderate Unreviewed
CVE-2022-48193 was published Nov 6, 2023
mycli has Inadequate Encryption Strength Moderate
CVE-2023-44690 was published for mycli (pip) Oct 20, 2023
An issue discovered in IXP Data EasyInstall 6.6.14907.0 allows attackers to gain escalated... High Unreviewed
CVE-2023-30132 was published Oct 19, 2023
Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure... Moderate Unreviewed
CVE-2023-43776 was published Oct 17, 2023
Dell Data Protection Central, version 19.9, contains an Inadequate Encryption Strength... High Unreviewed
CVE-2023-4129 was published Sep 27, 2023
Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS... High Unreviewed
CVE-2023-41305 was published Sep 27, 2023
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are... Moderate Unreviewed
CVE-2022-46783 was published Aug 28, 2023
An inadequate encryption strength vulnerability has been reported to affect QNAP operating... High Unreviewed
CVE-2023-34971 was published Aug 24, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4333 was published Aug 15, 2023
Weak Encoding for Password vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27... High Unreviewed
CVE-2023-0525 was published Aug 4, 2023
The BigFix WebUI uses weak cipher suites. High Unreviewed
CVE-2023-28021 was published Jul 18, 2023
A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000... High Unreviewed
CVE-2023-20185 was published Jul 12, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... Moderate Unreviewed
CVE-2023-36748 was published Jul 11, 2023
Rockwell Automation ThinManager product allows the use of medium strength ciphers.  If the... High Unreviewed
CVE-2023-2443 was published Jul 6, 2023
HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when... Unknown Unreviewed
CVE-2023-2197 was published Jul 6, 2023
Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed
CVE-2023-24502 was published Jul 6, 2023
Apache Linkis Authentication Bypass vulnerability Critical
CVE-2023-27987 was published for org.apache.linkis:linkis (Maven) Jul 6, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with... High Unreviewed
CVE-2022-2640 was published Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption... High Unreviewed
CVE-2023-34337 was published Jul 5, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed
CVE-2023-36539 was published Jun 30, 2023
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains... Moderate Unreviewed
CVE-2023-33283 was published Jun 7, 2023
Under certain circumstances, a call to the <code>bind</code> function may have resulted in the... Moderate Unreviewed
CVE-2023-29549 was published Jun 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database