GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,707
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,311
Maven 5,599
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,426

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

250 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI. Critical Unreviewed

CVE-2024-29151 was published Mar 18, 2024

IBM Watson CP4D Data Stores 4.6.0, 4.6.1, 4.6.2, and 4.6.3 does not encrypt sensitive or critical... Moderate Unreviewed

CVE-2023-27291 was published Mar 3, 2024

IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow a remote attacker to... Moderate Unreviewed

CVE-2021-39090 was published Feb 29, 2024

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography... High Unreviewed

CVE-2024-0220 was published Feb 22, 2024

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what... High Unreviewed

CVE-2023-4537 was published Feb 15, 2024

Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow... Moderate Unreviewed

CVE-2023-50126 was published Jan 11, 2024

Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create... Moderate Unreviewed

CVE-2023-50129 was published Jan 11, 2024

IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... Moderate Unreviewed

CVE-2023-38267 was published Jan 11, 2024

Google Nest WiFi Pro root code-execution & user-data compromise Critical Unreviewed

CVE-2023-6339 was published Jan 3, 2024

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data. High Unreviewed

CVE-2023-33037 was published Jan 2, 2024

When saving HSTS data to an excessively long file name, curl could end up removing all contents,... Moderate Unreviewed

CVE-2023-46219 was published Dec 12, 2023

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of... Moderate Unreviewed

CVE-2023-42019 was published Dec 1, 2023

Vulnerability of missing encryption in the card management module. Successful exploitation of... High Unreviewed

CVE-2023-44098 was published Nov 8, 2023

The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive... Moderate Unreviewed

CVE-2023-33228 was published Nov 1, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ... Critical Unreviewed

CVE-2023-41095 was published Oct 26, 2023

Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ... Moderate Unreviewed

CVE-2023-41096 was published Oct 26, 2023

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed

CVE-2023-33837 was published Oct 23, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2022-22386 was published Oct 17, 2023

IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2022-22377 was published Oct 17, 2023

IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information... Moderate Unreviewed

CVE-2022-33161 was published Oct 14, 2023

A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN... Moderate Unreviewed

CVE-2023-23371 was published Oct 6, 2023

Push notifications stored on disk in private browsing mode were not being encrypted potentially... Moderate Unreviewed

CVE-2023-4580 was published Sep 11, 2023

IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to... High Unreviewed

CVE-2022-22401 was published Sep 9, 2023

IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by... Moderate Unreviewed

CVE-2022-22405 was published Sep 8, 2023

IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain... Low Unreviewed

CVE-2023-33833 was published Aug 31, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

250 advisories