GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,408

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

175 advisories

Filter by severity

Sort by

Least recently updated

The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47364 was published Nov 9, 2023

The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47363 was published Nov 9, 2023

The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed

CVE-2023-47365 was published Nov 9, 2023

Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Moderate Unreviewed

CVE-2022-48193 was published Nov 6, 2023

Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure... Moderate Unreviewed

CVE-2023-43776 was published Oct 17, 2023

An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are... Moderate Unreviewed

CVE-2022-46783 was published Aug 28, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4333 was published Aug 15, 2023

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying... Moderate Unreviewed

CVE-2023-20942 was published Jul 13, 2023

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... Moderate Unreviewed

CVE-2023-36748 was published Jul 11, 2023

Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed

CVE-2023-24502 was published Jul 6, 2023

An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it... Moderate Unreviewed

CVE-2023-37301 was published Jun 30, 2023

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains... Moderate Unreviewed

CVE-2023-33283 was published Jun 7, 2023

Under certain circumstances, a call to the <code>bind</code> function may have resulted in the... Moderate Unreviewed

CVE-2023-29549 was published Jun 2, 2023

A compromised web child process could disable web security opening restrictions, leading to a new... Moderate Unreviewed

CVE-2023-23597 was published Jun 2, 2023

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can... Moderate Unreviewed

CVE-2023-33982 was published May 24, 2023

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool... Moderate Unreviewed

CVE-2023-1764 was published May 17, 2023

Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)... Moderate Unreviewed

CVE-2023-28124 was published Apr 19, 2023

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE... Moderate Unreviewed

CVE-2023-29054 was published Apr 11, 2023

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for... Moderate Unreviewed

CVE-2023-22271 was published Mar 22, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A... Moderate Unreviewed

CVE-2022-34445 was published Feb 11, 2023

SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version... Moderate Unreviewed

CVE-2022-34385 was published Feb 11, 2023

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

When viewing an email message A, which contains an attached message B, where B is encrypted or... Moderate Unreviewed

CVE-2022-1520 was published Dec 22, 2022

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up... Moderate Unreviewed

CVE-2022-4036 was published Nov 29, 2022

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named ... Moderate Unreviewed

CVE-2022-3206 was published Oct 17, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

175 advisories