GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

386 advisories

Filter by severity

Sort by

Least recently updated

In multiple places of AccessibilityService, there is a possible way to hide the app from the user... High Unreviewed

CVE-2023-21109 was published May 16, 2023

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40... High Unreviewed

CVE-2022-4048 was published May 15, 2023

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed

CVE-2023-30351 was published May 10, 2023

Improper usage of symmetric encryption in UI Desktop for Windows (Version 0.59.1.71 and earlier)... Moderate Unreviewed

CVE-2023-28124 was published Apr 19, 2023

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE... Moderate Unreviewed

CVE-2023-29054 was published Apr 11, 2023

Inadequate encryption strength vulnerability in CONPROSYS IoT Gateway products allows a remote... High Unreviewed

CVE-2023-27389 was published Apr 11, 2023

Experience Manager versions 6.5.15.0 (and earlier) are affected by a Weak Cryptography for... Moderate Unreviewed

CVE-2023-22271 was published Mar 22, 2023

An improper access control vulnerability exists prior to v6 that could allow an attacker to break... High Unreviewed

CVE-2023-23911 was published Mar 11, 2023

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed

CVE-2022-45141 was published Mar 7, 2023

Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed

CVE-2022-43460 was published Feb 13, 2023

Dell PowerScale OneFS, versions 8.2.x through 9.3.x contain a weak encoding for a password. A... Moderate Unreviewed

CVE-2022-34445 was published Feb 11, 2023

SupportAssist for Home PCs (version 3.11.4 and prior) and SupportAssist for Business PCs (version... Moderate Unreviewed

CVE-2022-34385 was published Feb 11, 2023

Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows... High Unreviewed

CVE-2023-21443 was published Feb 9, 2023

Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers... High Unreviewed

CVE-2023-21444 was published Feb 9, 2023

An unauthorized user with network access and the decryption key could decrypt sensitive data,... High Unreviewed

CVE-2022-38469 was published Jan 18, 2023

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

Certain General Electric Renewable Energy products have inadequate encryption strength. This... Critical Unreviewed

CVE-2022-24116 was published Dec 26, 2022

When viewing an email message A, which contains an attached message B, where B is encrypted or... Moderate Unreviewed

CVE-2022-1520 was published Dec 22, 2022

In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is... High Unreviewed

CVE-2022-38659 was published Dec 19, 2022

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open... Low Unreviewed

CVE-2022-46825 was published Dec 8, 2022

The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up... Moderate Unreviewed

CVE-2022-4036 was published Nov 29, 2022

The application was signed using a key length less than or equal to 1024 bits, making it... High Unreviewed

CVE-2020-4099 was published Nov 1, 2022

The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named ... Moderate Unreviewed

CVE-2022-3206 was published Oct 17, 2022

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method... Moderate Unreviewed

CVE-2022-41209 was published Oct 12, 2022

The aeson library is not safe to use to consume untrusted JSON input. A remote user could abuse... Moderate Unreviewed

CVE-2022-3433 was published Oct 11, 2022

Previous 1 2 3 4 5 6 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

386 advisories