Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

515 advisories

Loading
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected... High Unreviewed
CVE-2019-4399 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed
CVE-2019-8237 was published May 24, 2022
On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture... Moderate Unreviewed
CVE-2019-11341 was published May 24, 2022
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used... Moderate Unreviewed
CVE-2018-5745 was published May 24, 2022
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed
CVE-2019-13629 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed
CVE-2019-10492 was published May 24, 2022
Use of a weak cryptographic algorithm in Gradle Low
CVE-2019-16370 was published for org.gradle:gradle-core (Maven) May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple... Moderate Unreviewed
CVE-2019-15955 was published May 24, 2022
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses... Moderate Unreviewed
CVE-2018-18371 was published May 24, 2022
An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed
CVE-2019-5035 was published May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2019-12621 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS... High Unreviewed
CVE-2019-9013 was published May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low... High Unreviewed
CVE-2019-9506 was published May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All... Moderate Unreviewed
CVE-2019-10929 was published May 24, 2022
PHP JOSE Library by Gree Inc. Uses a Broken or Risky Cryptographic Algorithm High
CVE-2016-5431 was published for gree/jose (Composer) May 24, 2022
Magento 2 Community Edition Cryptographic Flaw High
CVE-2019-7858 was published for magento/community-edition (Composer) May 24, 2022
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U... Moderate Unreviewed
CVE-2019-13604 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed
CVE-2019-12171 was published May 24, 2022
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor... Moderate Unreviewed
CVE-2019-9836 was published May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4156 was published May 24, 2022
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized,... Moderate Unreviewed
CVE-2019-11323 was published May 24, 2022
A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual... High Unreviewed
CVE-2019-1706 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database