Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

169 advisories

Loading
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... High Unreviewed
CVE-2019-13539 was published May 24, 2022
In Modem, there is a possible information disclosure due to incorrect error handling. This could... High Unreviewed
CVE-2025-20667 was published May 5, 2025
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management... High Unreviewed
CVE-2025-46626 was published May 2, 2025
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no... High Unreviewed
CVE-2017-17436 was published May 14, 2022
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow... High Unreviewed
CVE-2016-2379 was published May 17, 2022
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and... High Unreviewed
CVE-2016-10102 was published May 17, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may... High Unreviewed
CVE-2020-14481 was published Feb 25, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict... High Unreviewed
CVE-2014-0224 was published May 13, 2022
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier... High Unreviewed
CVE-2013-4508 was published May 13, 2022
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed
CVE-2022-43460 was published Feb 13, 2023
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... High Unreviewed
CVE-2024-54089 was published Feb 11, 2025
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa... High Unreviewed
CVE-2024-29950 was published Apr 17, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0... High Unreviewed
CVE-2024-29969 was published Apr 19, 2024
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed
CVE-2023-30351 was published May 10, 2023
In multiple places of AccessibilityService, there is a possible way to hide the app from the user... High Unreviewed
CVE-2023-21109 was published May 16, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app... High Unreviewed
CVE-2023-32414 was published Jun 23, 2023
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software... High Unreviewed
CVE-2020-3549 was published May 24, 2022
An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed
CVE-2024-45273 was published Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive... High Unreviewed
CVE-2024-41594 was published Oct 3, 2024
The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain... High Unreviewed
CVE-2024-8455 was published Sep 30, 2024
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords. High Unreviewed
CVE-2024-22892 was published Sep 25, 2024
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed
CVE-2022-1252 was published Apr 12, 2022
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of... High Unreviewed
CVE-2023-36539 was published Jun 30, 2023
Insufficient or weak TLS protocol version identified in Advance authentication client server... High Unreviewed
CVE-2021-38121 was published Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an... High Unreviewed
CVE-2024-21787 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database