Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

506 advisories

Loading
Incorrect access control in TP-Link Tapo before v3.1.315 allows attackers to access user... Moderate Unreviewed
CVE-2023-34829 was published Dec 28, 2023
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x... High Unreviewed
CVE-2023-28616 was published Dec 26, 2023
An attacker with network access could perform a man-in-the-middle (MitM) attack and capture... Moderate Unreviewed
CVE-2023-50703 was published Dec 20, 2023
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated... Critical Unreviewed
CVE-2023-39172 was published Dec 7, 2023
On affected platforms running Arista MOS, the configuration of a BGP password will cause the... Moderate Unreviewed
CVE-2023-24547 was published Dec 6, 2023
Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to... Moderate Unreviewed
CVE-2023-42579 was published Dec 5, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 is vulnerable to Insecure Permissions. An admin... High Unreviewed
CVE-2023-46385 was published Dec 1, 2023
LOYTEC electronics GmbH LINX Configurator 7.4.10 uses HTTP Basic Authentication, which transmits... High Unreviewed
CVE-2023-46383 was published Dec 1, 2023
A vulnerability has been identified in COMOS (All versions < V10.4.4). Caching system in the... Low Unreviewed
CVE-2023-43503 was published Nov 14, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46382 was published Nov 5, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46380 was published Nov 5, 2023
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length... High Unreviewed
CVE-2017-7252 was published Nov 3, 2023
A vulnerability has been identified in PT-G503 Series firmware versions prior to v5.2, where the... Low Unreviewed
CVE-2023-5035 was published Nov 2, 2023
The Android Client application, when enrolled with the define method 1 (the user manually... High Unreviewed
CVE-2023-45321 was published Oct 25, 2023
IBM Security Verify Governance 10.0 does not encrypt sensitive or critical information before... High Unreviewed
CVE-2023-33837 was published Oct 23, 2023
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in environment... High Unreviewed
CVE-2023-38276 was published Oct 22, 2023
IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 exposes sensitive information in container... High Unreviewed
CVE-2023-38275 was published Oct 22, 2023
The affected product is vulnerable to a cleartext transmission of sensitive... Moderate Unreviewed
CVE-2023-41088 was published Oct 19, 2023
Baker Hughes – Bently Nevada 3500 System TDI Firmware version 5.05 contains a cleartext... High Unreviewed
CVE-2023-34441 was published Oct 19, 2023
IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information to an... High Unreviewed
CVE-2022-22385 was published Oct 17, 2023
A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as... Low Unreviewed
CVE-2023-5461 was published Oct 9, 2023
Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged... Moderate Unreviewed
CVE-2023-5100 was published Oct 9, 2023
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN... Moderate Unreviewed
CVE-2023-23371 was published Oct 6, 2023
A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra... High Unreviewed
CVE-2023-3361 was published Oct 4, 2023
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config... High Unreviewed
CVE-2022-47892 was published Oct 3, 2023
ProTip! Advisories are also available from the GraphQL API