GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
80 advisories
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),...
High | Unreviewed | CVE-2025-24008 was published May 13, 2025

B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography...
High | Unreviewed | CVE-2024-0220 was published Feb 22, 2024

SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or...
High | Unreviewed | CVE-2017-17763 was published May 13, 2022

On iSmartAlarm cube devices, there is Incorrect Access Control because a "new key" is transmitted...
High | Unreviewed | CVE-2017-7729 was published May 13, 2022

Acronis True Image up to and including version 2017 Build 8053 performs software updates using...
High | Unreviewed | CVE-2017-3219 was published May 13, 2022

The auto-update feature of Open Embedded Linux Entertainment Center (OpenELEC) 6.0.3, 7.0.1, and...
High | Unreviewed | CVE-2017-6445 was published May 13, 2022

BigFix deployments that have installed the Notification Service on Windows are susceptible to...
High | Unreviewed | CVE-2022-38658 was published Dec 24, 2022

A local user may find a configuration file on the client workstation with unencrypted sensitive...
High | Unreviewed | CVE-2024-23942 was published Mar 18, 2025

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is...
High | Unreviewed | CVE-2023-32290 was published May 7, 2023

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High | Unreviewed | CVE-2023-30602 was published Jul 6, 2023

Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what...
High | Unreviewed | CVE-2023-4537 was published Feb 15, 2024

IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High | Unreviewed | CVE-2023-33837 was published Oct 23, 2023

Credentials to access device configuration were transmitted using an unencrypted protocol. These...
High | Unreviewed | CVE-2024-42495 was published Sep 6, 2024

Vulnerability of missing encryption in the card management module. Successful exploitation of...
High | Unreviewed | CVE-2023-44098 was published Nov 8, 2023

An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain...
High | Unreviewed | CVE-2024-42657 was published Aug 19, 2024

Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping. This issue...
High | Unreviewed | CVE-2024-7396 was published Aug 5, 2024

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled....
High | Unreviewed | CVE-2020-35587 was published May 24, 2022

MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way...
High | Unreviewed | CVE-2020-10273 was published May 24, 2022

IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to...
High | Unreviewed | CVE-2022-22401 was published Sep 9, 2023

A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to...
High | Unreviewed | CVE-2023-4420 was published Aug 24, 2023

An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31822 was published Jul 13, 2023

An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31820 was published Jul 13, 2023

An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31825 was published Jul 13, 2023

An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain...
High | Unreviewed | CVE-2023-31819 was published Jul 13, 2023

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored...
High | Unreviewed | CVE-2023-37192 was published Jul 7, 2023

ProTip! Advisories are also available from the GraphQL API.