Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header.  This... Low Unreviewed
CVE-2024-30119 was published Jun 15, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive... Low Unreviewed
CVE-2023-37397 was published Apr 19, 2024
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 ... Low Unreviewed
CVE-2023-28896 was published Dec 1, 2023
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open... Low Unreviewed
CVE-2022-46825 was published Dec 8, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the... Low Unreviewed
CVE-2020-14263 was published May 24, 2022
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed
CVE-2020-12872 was published May 24, 2022
An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150... Low Unreviewed
CVE-2019-20775 was published May 24, 2022
Python Keyring does not securely initialize encryption cipher Low
CVE-2012-4571 was published for keyring (pip) May 17, 2022
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges.... Low Unreviewed
CVE-2017-9635 was published May 13, 2022
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static... Low Unreviewed
CVE-2018-17177 was published May 13, 2022
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password... Low Unreviewed
CVE-2002-1975 was published Apr 30, 2022
Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password"... Low Unreviewed
CVE-2002-1946 was published Apr 30, 2022
Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user... Low Unreviewed
CVE-2002-1739 was published Apr 30, 2022
NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the... Low Unreviewed
CVE-2002-1682 was published Apr 30, 2022
Discoverability of user password hash in Statamic CMS Low
CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
RSA weakness in tslite-ng Low
CVE-2020-26263 was published for tlslite-ng (pip) Dec 21, 2020
tomato42
CLI does not correctly implement strict mode Low
GHSA-2xwp-m7mq-7q3r was published for aws-encryption-sdk-cli (pip) Oct 28, 2020
ProTip! Advisories are also available from the GraphQL API