GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,636
Composer 4,715
Erlang 34
GitHub Actions 29
Go 2,304
Maven 5,579
npm 3,946
NuGet 711
pip 3,717
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,162

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

250 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to... High Unreviewed

CVE-2023-4420 was published Aug 24, 2023

Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Genian NAC V4.0, Genians... Moderate Unreviewed

CVE-2023-40251 was published Aug 17, 2023

A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as... Low Unreviewed

CVE-2023-4384 was published Aug 16, 2023

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows... Low Unreviewed

CVE-2023-39842 was published Aug 15, 2023

Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to... Low Unreviewed

CVE-2023-39843 was published Aug 15, 2023

Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to... Moderate Unreviewed

CVE-2023-39841 was published Aug 15, 2023

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,... Moderate Unreviewed

CVE-2023-37858 was published Aug 9, 2023

The data flowing between the PCU and its modules is insecure. A threat actor with physical access... Moderate Unreviewed

CVE-2023-30561 was published Jul 13, 2023

An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31825 was published Jul 13, 2023

An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31822 was published Jul 13, 2023

An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain... High Unreviewed

CVE-2023-31819 was published Jul 13, 2023

An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive... High Unreviewed

CVE-2023-31820 was published Jul 13, 2023

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored... High Unreviewed

CVE-2023-37192 was published Jul 7, 2023

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An... High Unreviewed

CVE-2023-30602 was published Jul 6, 2023

The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal... High Unreviewed

CVE-2022-41627 was published Jul 6, 2023

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and... Low Unreviewed

CVE-2023-33849 was published Jun 8, 2023

An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely... High Unreviewed

CVE-2023-34258 was published May 31, 2023

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data... High Unreviewed

CVE-2023-28045 was published May 19, 2023

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific... Moderate Unreviewed

CVE-2023-21404 was published May 8, 2023

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is... High Unreviewed

CVE-2023-32290 was published May 7, 2023

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access... Moderate Unreviewed

CVE-2023-22948 was published Apr 13, 2023

Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface.... Critical Unreviewed

CVE-2023-0750 was published Apr 6, 2023

A cleartext transmission vulnerability exists in the Remote Management functionality of Netgear... Moderate Unreviewed

CVE-2022-38458 was published Mar 21, 2023

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in Johnson Controls... Moderate Unreviewed

CVE-2022-21940 was published Feb 9, 2023

In Last Yard 22.09.8-1, the cookie can be stolen via via unencrypted traffic. Moderate Unreviewed

CVE-2022-47715 was published Feb 1, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

250 advisories