GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
415 advisories
Filter by severity
This vulnerability exists in USB Pratirodh due to the usage of a weaker cryptographic algorithm ...
High
Unreviewed
CVE-2024-1224
was published
Mar 6, 2024
An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps...
Moderate
Unreviewed
CVE-2024-22894
was published
Jan 30, 2024
Dex discarding TLSconfig and always serves deprecated TLS 1.0/1.1 and insecure ciphers
High
CVE-2024-23656
was published
for
github.com/dexidp/dex
(Go)
Jan 26, 2024
Lantronix XPort sends weakly encoded credentials within web request headers.
Moderate
Unreviewed
CVE-2023-7237
was published
Jan 24, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-20692
was published
Jan 9, 2024
Weak encryption mechanisms in RFID Tags in Yale IA-210 Alarm v1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26942
was published
Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale Keyless Lock v1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26943
was published
Dec 5, 2023
Weak encryption mechanisms in RFID Tags in Yale Conexis L1 v1.1.0 allows attackers to create a...
Moderate
Unreviewed
CVE-2023-26941
was published
Dec 5, 2023
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 ...
Low
Unreviewed
CVE-2023-28896
was published
Dec 1, 2023
An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to...
Moderate
Unreviewed
CVE-2023-48034
was published
Nov 27, 2023
Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and...
Moderate
Unreviewed
CVE-2023-43757
was published
Nov 16, 2023
esptool allows attackers to view sensitive information via weak cryptographic algorithm
High
CVE-2023-46894
was published
for
esptool
(pip)
Nov 9, 2023
The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47368
was published
Nov 9, 2023
The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47373
was published
Nov 9, 2023
The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers...
Moderate
Unreviewed
CVE-2023-47372
was published
Nov 9, 2023
The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers...
Moderate
Unreviewed
CVE-2023-47369
was published
Nov 9, 2023
The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47370
was published
Nov 9, 2023
The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to...
Moderate
Unreviewed
CVE-2023-47367
was published
Nov 9, 2023
The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47366
was published
Nov 9, 2023
The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47364
was published
Nov 9, 2023
The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send...
Moderate
Unreviewed
CVE-2023-47363
was published
Nov 9, 2023
The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to...
Moderate
Unreviewed
CVE-2023-47365
was published
Nov 9, 2023
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL).
Moderate
Unreviewed
CVE-2022-48193
was published
Nov 6, 2023
mycli has Inadequate Encryption Strength
Moderate
CVE-2023-44690
was published
for
mycli
(pip)
Oct 20, 2023
ProTip!
Advisories are also available from the
GraphQL API