Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

234 advisories

Loading
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography... High Unreviewed
CVE-2024-0220 was published Feb 22, 2024
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed
CVE-2023-33837 was published Oct 23, 2023
IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed
CVE-2023-27291 was published Mar 3, 2024
A vulnerability in Cisco Duo Epic for Hyperdrive could allow an authenticated, local attacker to... Moderate Unreviewed
CVE-2024-20503 was published Sep 4, 2024
Credentials to access device configuration were transmitted using an unencrypted protocol. These... High Unreviewed
CVE-2024-42495 was published Sep 6, 2024
Vulnerability of missing encryption in the card management module. Successful exploitation of... High Unreviewed
CVE-2023-44098 was published Nov 8, 2023
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-39746 was published Aug 22, 2024
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain... High Unreviewed
CVE-2024-42657 was published Aug 19, 2024
IBM QRadar Network Packet Capture 7.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-31905 was published Aug 15, 2024
CVE-2024-40620 IMPACT A vulnerability exists in the affected product due to lack of encryption... Moderate Unreviewed
CVE-2024-40620 was published Aug 14, 2024
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI. Critical Unreviewed
CVE-2024-29151 was published Mar 18, 2024
Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue... High Unreviewed
CVE-2024-7396 was published Aug 5, 2024
An issue was discovered in Samsung Mobile Processor, Automotive Processor, Wearable Processor,... Moderate Unreviewed
CVE-2023-49927 was published Jun 5, 2024
Dell Data Lakehouse, version(s) 1.0.0.0, contain(s) a Missing Encryption of Sensitive Data... Moderate Unreviewed
CVE-2024-38302 was published Jul 18, 2024
** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled.... High Unreviewed
CVE-2020-35587 was published May 24, 2022
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel... Moderate Unreviewed
CVE-2019-1547 was published May 24, 2022
A vulnerability in the IPS Manager, Central Manager, and Local Manager communication workflow... Moderate Unreviewed
CVE-2024-5731 was published Jun 14, 2024
Sensitive customer information is stored in the device without encryption. Unknown Unreviewed
CVE-2024-38283 was published Jun 13, 2024
Vulnerable data in transit in GE HealthCare EchoPAC products Moderate Unreviewed
CVE-2024-27106 was published May 14, 2024
IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and... Low Unreviewed
CVE-2023-33849 was published Jun 8, 2023
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way... High Unreviewed
CVE-2020-10273 was published May 24, 2022
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-22386 was published Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2022-22377 was published Oct 17, 2023
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2022-33161 was published Oct 14, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN... Moderate Unreviewed
CVE-2023-23371 was published Oct 6, 2023
ProTip! Advisories are also available from the GraphQL API