GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
432 advisories
Filter by severity
Rockwell Automation ThinManager product allows the use of medium strength ciphers. If the...
High
Unreviewed
CVE-2023-2443
was published
Jul 6, 2023
HashiCorp Vault Enterprise 1.13.0 up to 1.13.1 is vulnerable to a padding oracle attack when...
Unknown
Unreviewed
CVE-2023-2197
was published
Jul 6, 2023
Electra Central AC unit – The unit opens an AP with an easily calculated password.
Moderate
Unreviewed
CVE-2023-24502
was published
Jul 6, 2023
Apache Linkis Authentication Bypass vulnerability
Critical
CVE-2023-27987
was published
for
org.apache.linkis:linkis
(Maven)
Jul 6, 2023
The Config-files of Horner Automation’s RCC 972 with firmware version 15.40 are encrypted with...
High
Unreviewed
CVE-2022-2640
was published
Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption...
High
Unreviewed
CVE-2023-34337
was published
Jul 5, 2023
An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it...
Moderate
Unreviewed
CVE-2023-37301
was published
Jun 30, 2023
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of...
High
Unreviewed
CVE-2023-36539
was published
Jun 30, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app...
High
Unreviewed
CVE-2023-32414
was published
Jun 23, 2023
Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains...
Moderate
Unreviewed
CVE-2023-33283
was published
Jun 7, 2023
Under certain circumstances, a call to the <code>bind</code> function may have resulted in the...
Moderate
Unreviewed
CVE-2023-29549
was published
Jun 2, 2023
A compromised web child process could disable web security opening restrictions, leading to a new...
Moderate
Unreviewed
CVE-2023-23597
was published
Jun 2, 2023
Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can...
Moderate
Unreviewed
CVE-2023-33982
was published
May 24, 2023
Dgraph Audit Log Encryption Vulnerability
Moderate
CVE-2023-31135
was published
for
github.com/dgraph-io/dgraph
(Go)
May 17, 2023
Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool...
Moderate
Unreviewed
CVE-2023-1764
was published
May 17, 2023
Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40...
High
Unreviewed
CVE-2022-4048
was published
May 15, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard...
High
Unreviewed
CVE-2023-30351
was published
May 10, 2023
Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)...
Moderate
Unreviewed
CVE-2023-28124
was published
Apr 19, 2023
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE...
Moderate
Unreviewed
CVE-2023-29054
was published
Apr 11, 2023
Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote...
High
Unreviewed
CVE-2023-27389
was published
Apr 11, 2023
Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for...
Moderate
Unreviewed
CVE-2023-22271
was published
Mar 22, 2023
An improper access control vulnerability exists prior to v6 that could allow an attacker to break...
High
Unreviewed
CVE-2023-23911
was published
Mar 11, 2023
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by...
Critical
Unreviewed
CVE-2022-45141
was published
Mar 7, 2023
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a...
High
Unreviewed
CVE-2022-43460
was published
Feb 13, 2023
Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A...
Moderate
Unreviewed
CVE-2022-34445
was published
Feb 11, 2023
ProTip!
Advisories are also available from the
GraphQL API