GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
446 advisories
Missing Encryption of Sensitive DataCAPEC- vulnerability in Genians Genian NAC V4.0, Genians...
Moderate | Unreviewed | CVE-2023-40251 was published Aug 17, 2023

A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as...
Low | Unreviewed | CVE-2023-4384 was published Aug 16, 2023

Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to...
Low | Unreviewed | CVE-2023-39843 was published Aug 15, 2023

Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows...
Low | Unreviewed | CVE-2023-39842 was published Aug 15, 2023

Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to...
Moderate | Unreviewed | CVE-2023-39841 was published Aug 15, 2023

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated,...
Moderate | Unreviewed | CVE-2023-37858 was published Aug 9, 2023

MindsDB can be made to not verify SSL certificates
Critical | CVE-2023-38699 was published for MindsDB (pip) Aug 1, 2023

twitch-tui's connection is not encrypted
High | CVE-2023-38688 was published for twitch-tui (Rust) Jul 31, 2023

The data flowing between the PCU and its modules is insecure. A threat actor with physical access...
Moderate | Unreviewed | CVE-2023-30561 was published Jul 13, 2023

An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain...
High | Unreviewed | CVE-2023-31819 was published Jul 13, 2023

An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31820 was published Jul 13, 2023

An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31825 was published Jul 13, 2023

An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive...
High | Unreviewed | CVE-2023-31822 was published Jul 13, 2023

Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure
Moderate | CVE-2023-37943 was published for org.jenkins-ci.plugins:active-directory (Maven) Jul 12, 2023

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored...
High | Unreviewed | CVE-2023-37192 was published Jul 7, 2023

Hitron Technologies CODA-5310’s Telnet function transfers sensitive data in plaintext. An...
High | Unreviewed | CVE-2023-30602 was published Jul 6, 2023

HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured
High | CVE-2023-0690 was published for github.com/hashicorp/boundary (Go) Jul 6, 2023

The physical IoT device of the AliveCor's KardiaMobile, a smartphone-based personal...
High | Unreviewed | CVE-2022-41627 was published Jul 6, 2023

IBM TXSeries for Multiplatforms 8.1, 8.2, 9.1, CICS TX Standard, 11.1, CICS TX Advanced 10.1, and...
Low | Unreviewed | CVE-2023-33849 was published Jun 8, 2023

An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely...
High | Unreviewed | CVE-2023-34258 was published May 31, 2023

Dell CloudIQ Collector version 1.10.2 contains a missing encryption of sensitive data...
High | Unreviewed | CVE-2023-28045 was published May 19, 2023

Jenkins Ansible Plugin stores and displays secrets in plain text
Moderate | CVE-2023-32982 was published for org.jenkins-ci.plugins:ansible (Maven) May 16, 2023

AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific...
Moderate | Unreviewed | CVE-2023-21404 was published May 8, 2023

The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is...
High | Unreviewed | CVE-2023-32290 was published May 7, 2023

An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is unsecured read access...
Moderate | Unreviewed | CVE-2023-22948 was published Apr 13, 2023