GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

75 advisories

Filter by severity

Sort by

Least recently updated

Credentials to access device configuration were transmitted using an unencrypted protocol. These... High Unreviewed

CVE-2024-42495 was published Sep 6, 2024

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed

CVE-2024-42657 was published Aug 19, 2024

Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue... High Unreviewed

CVE-2024-7396 was published Aug 5, 2024

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography... High Unreviewed

CVE-2024-0220 was published Feb 22, 2024

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what... High Unreviewed

CVE-2023-4537 was published Feb 15, 2024

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. High Unreviewed

CVE-2023-33037 was published Jan 2, 2024

Vulnerability of missing encryption in the card management module. Successful exploitation of... High Unreviewed

CVE-2023-44098 was published Nov 8, 2023

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed

CVE-2023-33837 was published Oct 23, 2023

IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to... High Unreviewed

CVE-2022-22401 was published Sep 9, 2023

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to... High Unreviewed

CVE-2023-4420 was published Aug 24, 2023

An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain... High Unreviewed

CVE-2023-31819 was published Jul 13, 2023

An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31822 was published Jul 13, 2023

An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31825 was published Jul 13, 2023

An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31820 was published Jul 13, 2023

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored... High Unreviewed

CVE-2023-37192 was published Jul 7, 2023

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An... High Unreviewed

CVE-2023-30602 was published Jul 6, 2023

The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal... High Unreviewed

CVE-2022-41627 was published Jul 6, 2023

An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely... High Unreviewed

CVE-2023-34258 was published May 31, 2023

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data... High Unreviewed

CVE-2023-28045 was published May 19, 2023

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is... High Unreviewed

CVE-2023-32290 was published May 7, 2023

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded opt/axess/AXAssets/default_axess/axess... High Unreviewed

CVE-2020-15340 was published Sep 30, 2022

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists that could allow... High Unreviewed

CVE-2022-30237 was published Jun 3, 2022

ECOA BAS controller stores sensitive data (backup exports) in clear-text, thus the... High Unreviewed

CVE-2021-41302 was published May 24, 2022

An issue has been identified in the CTX269106 mitigation tool for Citrix ShareFile storage zones... High Unreviewed

CVE-2021-22932 was published May 24, 2022

A vulnerability has been identified in Climatix POL909 (AWM module) (All versions < V11.34). The... High Unreviewed

CVE-2021-40366 was published May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

75 advisories