Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected... High Unreviewed
CVE-2020-4937 was published May 24, 2022
Untangle Firewall NG before 16.0 uses MD5 for passwords. Moderate Unreviewed
CVE-2020-17494 was published May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage. High Unreviewed
CVE-2019-9080 was published May 24, 2022
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of... Moderate Unreviewed
CVE-2020-24619 was published May 24, 2022
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,... Critical Unreviewed
CVE-2020-14517 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-10927 was published May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended... Moderate Unreviewed
CVE-2020-12402 was published May 24, 2022
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect... Low Unreviewed
CVE-2020-13132 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ... Moderate Unreviewed
CVE-2020-7511 was published May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All... Moderate Unreviewed
CVE-2019-10929 was published May 24, 2022
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file... Moderate Unreviewed
CVE-2020-10560 was published May 24, 2022
wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing... Moderate Unreviewed
CVE-2020-11713 was published May 24, 2022
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and... Moderate Unreviewed
CVE-2020-10601 was published May 24, 2022
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is... Moderate Unreviewed
CVE-2020-11501 was published May 24, 2022
openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than... Moderate Unreviewed
CVE-2020-10788 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed
CVE-2019-19299 was published May 24, 2022
A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e... Low Unreviewed
CVE-2019-5106 was published May 24, 2022
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak... Moderate Unreviewed
CVE-2019-19397 was published May 24, 2022
MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed
CVE-2019-13629 was published May 24, 2022
STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed
CVE-2019-16863 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed
CVE-2019-8237 was published May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2019-12621 was published May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed
CVE-2019-10492 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed
CVE-2019-12171 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database