GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,868

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

386 advisories

Filter by severity

Sort by

Least recently updated

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an... Moderate Unreviewed

CVE-2024-3387 was published Apr 10, 2024

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed

CVE-2024-28755 was published Apr 3, 2024

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2022-32753 was published Mar 22, 2024

This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic... High Unreviewed

CVE-2024-25102 was published Mar 6, 2024

This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm ... High Unreviewed

CVE-2024-1224 was published Mar 6, 2024

An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps... Moderate Unreviewed

CVE-2024-22894 was published Jan 30, 2024

Lantronix XPort sends weakly encoded credentials within web request headers. Moderate Unreviewed

CVE-2023-7237 was published Jan 24, 2024

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Moderate Unreviewed

CVE-2024-20692 was published Jan 9, 2024

Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26942 was published Dec 5, 2023

Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26943 was published Dec 5, 2023

Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a... Moderate Unreviewed

CVE-2023-26941 was published Dec 5, 2023

Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 ... Low Unreviewed

CVE-2023-28896 was published Dec 1, 2023

An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to... Moderate Unreviewed

CVE-2023-48034 was published Nov 27, 2023

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and... Moderate Unreviewed

CVE-2023-43757 was published Nov 16, 2023

The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47370 was published Nov 9, 2023

The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47368 was published Nov 9, 2023

The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47373 was published Nov 9, 2023

The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to... Moderate Unreviewed

CVE-2023-47367 was published Nov 9, 2023

The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers... Moderate Unreviewed

CVE-2023-47372 was published Nov 9, 2023

The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47366 was published Nov 9, 2023

The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers... Moderate Unreviewed

CVE-2023-47369 was published Nov 9, 2023

The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47364 was published Nov 9, 2023

The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to... Moderate Unreviewed

CVE-2023-47365 was published Nov 9, 2023

The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send... Moderate Unreviewed

CVE-2023-47363 was published Nov 9, 2023

Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL). Moderate Unreviewed

CVE-2022-48193 was published Nov 6, 2023

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

386 advisories