GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
61 advisories
Filter by severity
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4328
was published
Aug 15, 2023
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz -...
Critical
Unreviewed
CVE-2023-3632
was published
Aug 9, 2023
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information...
Moderate
Unreviewed
CVE-2023-3947
was published
Jul 26, 2023
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that...
Moderate
Unreviewed
CVE-2023-35763
was published
Jul 18, 2023
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This...
High
Unreviewed
CVE-2023-34123
was published
Jul 13, 2023
Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious...
Critical
Unreviewed
CVE-2023-2158
was published
Jul 6, 2023
Horner Automation’s RCC 972 with firmware version 15.40 has a static encryption key on the device...
Critical
Unreviewed
CVE-2022-2641
was published
Jul 6, 2023
An authentication bypass vulnerability exists in the requestHandlers.js verifyToken functionality...
Critical
Unreviewed
CVE-2023-22844
was published
Jul 6, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded...
Critical
Unreviewed
CVE-2023-34338
was published
Jul 5, 2023
The User Registration plugin for WordPress is vulnerable to Sensitive Information Exposure due to...
High
Unreviewed
CVE-2023-3371
was published
Jun 27, 2023
Rockwell Automation's FactoryTalk System Services uses a hard-coded cryptographic key to...
High
Unreviewed
CVE-2023-2637
was published
Jun 13, 2023
Akuvox E11 uses a hard-coded cryptographic key, which could allow an attacker to decrypt...
High
Unreviewed
CVE-2023-0355
was published
Mar 13, 2023
A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an...
High
Unreviewed
CVE-2023-20038
was published
Jan 20, 2023
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a...
High
Unreviewed
CVE-2022-2660
was published
Dec 14, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29828
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29827
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
Critical
Unreviewed
CVE-2022-29830
was published
Nov 25, 2022
Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 all versions...
High
Unreviewed
CVE-2022-29829
was published
Nov 25, 2022
A vulnerability in the web-based management interface of Cisco Email Security Appliance, Cisco...
High
Unreviewed
CVE-2022-20868
was published
Nov 4, 2022
The affected product uses a hard-coded blowfish key for encryption/decryption processes. The key...
High
Unreviewed
CVE-2021-38461
was published
May 24, 2022
A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3),...
High
Unreviewed
CVE-2021-27392
was published
May 24, 2022
A vulnerability has been identified in Opcenter Quality (All versions < V12.2), QMS Automotive ...
Critical
Unreviewed
CVE-2021-27389
was published
May 24, 2022
A vulnerability has been identified in SCALANCE X-300 switch family (incl. X408 and SIPLUS NET...
Moderate
Unreviewed
CVE-2020-28395
was published
May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ...
Moderate
Unreviewed
CVE-2020-28391
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3),...
High
Unreviewed
CVE-2020-25234
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API