GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,087
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,086
Maven 5,251
npm 3,747
NuGet 674
pip 3,436
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,563

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

190 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ... High Unreviewed

CVE-2020-27213 was published Oct 10, 2023

An authentication bypass vulnerability exists in the OAS Engine authentication functionality of... High Unreviewed

CVE-2023-34353 was published Sep 5, 2023

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass... Critical Unreviewed

CVE-2023-39979 was published Sep 2, 2023

Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper... Critical Unreviewed

CVE-2023-4344 was published Aug 15, 2023

Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R... Moderate Unreviewed

CVE-2023-24478 was published Aug 15, 2023

Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation... Critical Unreviewed

CVE-2023-3373 was published Aug 4, 2023

Functions with insufficient randomness were used to generate authorization tokens of the... High Unreviewed

CVE-2023-26451 was published Aug 2, 2023

A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster... Low Unreviewed

CVE-2023-3803 was published Jul 21, 2023

A vulnerability in the Cisco ACI Multi-Site CloudSec encryption feature of Cisco Nexus 9000... High Unreviewed

CVE-2023-20185 was published Jul 12, 2023

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow... Moderate Unreviewed

CVE-2022-43485 was published Jul 6, 2023

Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of... High Unreviewed

CVE-2023-1385 was published Jul 6, 2023

Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,... Moderate Unreviewed

CVE-2022-26080 was published Jul 6, 2023

Use of insufficiently random values vulnerability in User Management Functionality in Synology... High Unreviewed

CVE-2023-2729 was published Jun 13, 2023

Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker... High Unreviewed

CVE-2023-1898 was published Jun 12, 2023

Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random... Critical Unreviewed

CVE-2023-2884 was published May 25, 2023

A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This... Low Unreviewed

CVE-2023-2418 was published Apr 29, 2023

The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers... High Unreviewed

CVE-2023-26855 was published Apr 4, 2023

Akuvox E11 contains a function that encrypts messages which are then forwarded. The IV vector and... High Unreviewed

CVE-2023-0343 was published Mar 31, 2023

This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed

CVE-2022-43636 was published Mar 29, 2023

A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the... Moderate Unreviewed

CVE-2023-20016 was published Feb 23, 2023

KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP... Critical Unreviewed

CVE-2022-43501 was published Feb 10, 2023

An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed

CVE-2023-22912 was published Jan 20, 2023

Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017... High Unreviewed

CVE-2017-5242 was published Jan 13, 2023

InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version... High Unreviewed

CVE-2023-22601 was published Jan 13, 2023

A vulnerability has been found in Morgawr Muon 0.1.1 and classified as problematic. Affected by... High Unreviewed

CVE-2019-25089 was published Dec 27, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

190 advisories