GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
421 advisories
A compromised web child process could disable web security opening restrictions, leading to a new...
Moderate | Unreviewed | CVE-2023-23597 was published Jun 2, 2023

Bramble Handshake Protocol (BHP) in Briar before 1.5.3 is not forward secure: eavesdroppers can...
Moderate | Unreviewed | CVE-2023-33982 was published May 24, 2023

Dgraph Audit Log Encryption Vulnerability
Moderate | CVE-2023-31135 was published for github.com/dgraph-io/dgraph (Go) May 17, 2023

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool...
Moderate | Unreviewed | CVE-2023-1764 was published May 17, 2023

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40...
High | Unreviewed | CVE-2022-4048 was published May 15, 2023

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard...
High | Unreviewed | CVE-2023-30351 was published May 10, 2023

Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)...
Moderate | Unreviewed | CVE-2023-28124 was published Apr 19, 2023

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE...
Moderate | Unreviewed | CVE-2023-29054 was published Apr 11, 2023

Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote...
High | Unreviewed | CVE-2023-27389 was published Apr 11, 2023

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for...
Moderate | Unreviewed | CVE-2023-22271 was published Mar 22, 2023

An improper access control vulnerability exists prior to v6 that could allow an attacker to break...
High | Unreviewed | CVE-2023-23911 was published Mar 11, 2023

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by...
Critical | Unreviewed | CVE-2022-45141 was published Mar 7, 2023

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a...
High | Unreviewed | CVE-2022-43460 was published Feb 13, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A...
Moderate | Unreviewed | CVE-2022-34445 was published Feb 11, 2023

SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version...
Moderate | Unreviewed | CVE-2022-34385 was published Feb 11, 2023

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers...
High | Unreviewed | CVE-2023-21444 was published Feb 9, 2023

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows...
High | Unreviewed | CVE-2023-21443 was published Feb 9, 2023

An unauthorized user with network access and the decryption key could decrypt sensitive data,...
High | Unreviewed | CVE-2022-38469 was published Jan 18, 2023

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt...
Moderate | Unreviewed | CVE-2021-40341 was published Jan 6, 2023

AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
Moderate | CVE-2022-2582 was published for github.com/aws/aws-sdk-go (Go) Dec 28, 2022

Certain General Electric Renewable Energy products have inadequate encryption strength. This...
Critical | Unreviewed | CVE-2022-24116 was published Dec 26, 2022

When viewing an email message A, which contains an attached message B, where B is encrypted or...
Moderate | Unreviewed | CVE-2022-1520 was published Dec 22, 2022

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is...
High | Unreviewed | CVE-2022-38659 was published Dec 19, 2022

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open...
Low | Unreviewed | CVE-2022-46825 was published Dec 8, 2022

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up...
Moderate | Unreviewed | CVE-2022-4036 was published Nov 29, 2022