GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,149

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

190 advisories

Filter by severity

Sort by

Least recently updated

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed

CVE-2023-40660 was published Nov 6, 2023

Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A... Moderate Unreviewed

CVE-2023-39252 was published Sep 21, 2023

IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to... Moderate Unreviewed

CVE-2023-40371 was published Aug 24, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4327 was published Aug 15, 2023

SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and... Moderate Unreviewed

CVE-2023-37484 was published Aug 8, 2023

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused... Moderate Unreviewed

CVE-2023-35890 was published Jul 7, 2023

The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure... Moderate Unreviewed

CVE-2023-36608 was published Jul 3, 2023

Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade... Moderate Unreviewed

CVE-2023-28043 was published Jun 1, 2023

A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support... Moderate Unreviewed

CVE-2022-40722 was published Apr 25, 2023

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can... Moderate Unreviewed

CVE-2022-45170 was published Apr 14, 2023

Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm... Moderate Unreviewed

CVE-2023-23695 was published Feb 17, 2023

Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote... Moderate Unreviewed

CVE-2022-22564 was published Feb 14, 2023

IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker... Moderate Unreviewed

CVE-2022-35720 was published Feb 8, 2023

All versions of Econolite EOS traffic control software are vulnerable to CWE-328: Use of Weak... Moderate Unreviewed

CVE-2023-0452 was published Jan 26, 2023

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health... Moderate Unreviewed

CVE-2023-0296 was published Jan 17, 2023

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum... Moderate Unreviewed

CVE-2021-36647 was published Jan 17, 2023

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing... Moderate Unreviewed

CVE-2022-20513 was published Dec 20, 2022

A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed

CVE-2022-4610 was published Dec 19, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a... Moderate Unreviewed

CVE-2022-46832 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a... Moderate Unreviewed

CVE-2022-46833 was published Dec 13, 2022

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed

CVE-2022-46140 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a... Moderate Unreviewed

CVE-2022-46834 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed

CVE-2022-27581 was published Dec 13, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed

CVE-2022-45195 was published Nov 13, 2022

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed

CVE-2022-29835 was published Sep 20, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

190 advisories