Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

192 advisories

Loading
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to... Moderate Unreviewed
CVE-2023-48034 was published Nov 27, 2023
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and... Moderate Unreviewed
CVE-2023-43757 was published Nov 16, 2023
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47368 was published Nov 9, 2023
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47370 was published Nov 9, 2023
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47367 was published Nov 9, 2023
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47366 was published Nov 9, 2023
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47369 was published Nov 9, 2023
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed
CVE-2023-47372 was published Nov 9, 2023
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47373 was published Nov 9, 2023
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Moderate Unreviewed
CVE-2022-48193 was published Nov 6, 2023
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47364 was published Nov 9, 2023
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed
CVE-2023-47363 was published Nov 9, 2023
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed
CVE-2023-47365 was published Nov 9, 2023
Dgraph Audit Log Encryption Vulnerability Moderate
CVE-2023-31135 was published for github.com/dgraph-io/dgraph (Go) May 17, 2023
HakuPiku joshua-goldstein
skrdgraph
Zabbix before 5.0 represents passwords in the users table with unsalted MD5. Moderate Unreviewed
CVE-2013-7484 was published May 5, 2022
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS,... Moderate Unreviewed
CVE-2021-36769 was published May 24, 2022
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is... Moderate Unreviewed
CVE-2021-31797 was published May 24, 2022
The fingerprint module has a security risk of brute force cracking. Successful exploitation of... Moderate Unreviewed
CVE-2021-40006 was published Jan 11, 2022
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment... Moderate Unreviewed
CVE-2021-37540 was published May 24, 2022
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data. Moderate Unreviewed
CVE-2021-37588 was published May 24, 2022
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function... Moderate Unreviewed
CVE-2021-23126 was published May 24, 2022
An entity in Network Configuration Manager product is misconfigured and exposing password field... Moderate Unreviewed
CVE-2021-35226 was published Oct 11, 2022
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0... Moderate Unreviewed
CVE-2022-32222 was published Jul 15, 2022
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure... Moderate Unreviewed
CVE-2022-30683 was published Sep 17, 2022
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed
CVE-2022-29835 was published Sep 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database