GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
446 advisories
Unencrypted ingress/health traffic when using Wireguard transparent encryption
Moderate | CVE-2024-25630 was published for github.com/cilium/cilium (Go) Feb 20, 2024
Comarch ERP XL client is vulnerable to MS SQL protocol downgrade request from a server side, what...
High | Unreviewed | CVE-2023-4537 was published Feb 15, 2024
1Panel set-cookie is missing the Secure keyword
Moderate | CVE-2024-24768 was published for github.com/1Panel-dev/1Panel (Go) Feb 5, 2024
Missing encryption in the RFID tags of the Hozard alarm system (Alarmsysteem) v1.0 allow...
Moderate | Unreviewed | CVE-2023-50126 was published Jan 11, 2024
Missing encryption in the NFC tags of the Flient Smart Door Lock v1.0 allows attackers to create...
Moderate | Unreviewed | CVE-2023-50129 was published Jan 11, 2024
IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate | Unreviewed | CVE-2023-38267 was published Jan 11, 2024
Google Nest WiFi Pro root code-execution & user-data compromise
Critical | Unreviewed | CVE-2023-6339 was published Jan 3, 2024
Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.
High | Unreviewed | CVE-2023-33037 was published Jan 2, 2024
When saving HSTS data to an excessively long file name, curl could end up removing all contents,...
Moderate | Unreviewed | CVE-2023-46219 was published Dec 12, 2023
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of...
Moderate | Unreviewed | CVE-2023-42019 was published Dec 1, 2023
Vulnerability of missing encryption in the card management module. Successful exploitation of...
High | Unreviewed | CVE-2023-44098 was published Nov 8, 2023
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive...
Moderate | Unreviewed | CVE-2023-33228 was published Nov 1, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs OpenThread SDK on 32 bit, ARM ...
Critical | Unreviewed | CVE-2023-41095 was published Oct 26, 2023
Missing Encryption of Security Keys vulnerability in Silicon Labs Ember ZNet SDK on 32 bit, ARM ...
Moderate | Unreviewed | CVE-2023-41096 was published Oct 26, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before...
High | Unreviewed | CVE-2023-33837 was published Oct 23, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2022-22386 was published Oct 17, 2023
IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive...
Moderate | Unreviewed | CVE-2022-22377 was published Oct 17, 2023
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information...
Moderate | Unreviewed | CVE-2022-33161 was published Oct 14, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN...
Moderate | Unreviewed | CVE-2023-23371 was published Oct 6, 2023
Croc requires senders to provide local IP addresses in cleartext
Moderate | CVE-2023-43618 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
Push notifications stored on disk in private browsing mode were not being encrypted potentially...
Moderate | Unreviewed | CVE-2023-4580 was published Sep 11, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to...
High | Unreviewed | CVE-2022-22401 was published Sep 9, 2023
IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by...
Moderate | Unreviewed | CVE-2022-22405 was published Sep 8, 2023
IBM Security Verify Information Queue 10.0.4 and 10.0.5 stores sensitive information in plain...
Low | Unreviewed | CVE-2023-33833 was published Aug 31, 2023
A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to...
High | Unreviewed | CVE-2023-4420 was published Aug 24, 2023