Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

429 advisories

Loading
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak... Moderate Unreviewed
CVE-2019-19397 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Low Unreviewed
CVE-2019-18340 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of... High Unreviewed
CVE-2019-5163 was published May 24, 2022
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed
CVE-2019-16863 was published May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential... Moderate Unreviewed
CVE-2019-18659 was published May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected... High Unreviewed
CVE-2019-4399 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed
CVE-2019-8237 was published May 24, 2022
On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture... Moderate Unreviewed
CVE-2019-11341 was published May 24, 2022
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used... Moderate Unreviewed
CVE-2018-5745 was published May 24, 2022
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed
CVE-2019-13629 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed
CVE-2019-10492 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple... Moderate Unreviewed
CVE-2019-15955 was published May 24, 2022
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses... Moderate Unreviewed
CVE-2018-18371 was published May 24, 2022
An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed
CVE-2019-5035 was published May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2019-12621 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS... High Unreviewed
CVE-2019-9013 was published May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low... High Unreviewed
CVE-2019-9506 was published May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All... Moderate Unreviewed
CVE-2019-10929 was published May 24, 2022
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U... Moderate Unreviewed
CVE-2019-13604 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed
CVE-2019-12171 was published May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4156 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database