GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,159

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

514 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed

CVE-2022-31230 was published Jun 29, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed

CVE-2017-9466 was published May 17, 2022

A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed

CVE-2022-28622 was published Jun 28, 2022

On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed

CVE-2022-28370 was published Jul 15, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed

CVE-2022-34757 was published Jul 14, 2022

LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High

CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed

CVE-2022-34632 was published Jul 19, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29965 was published Jul 27, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4... High Unreviewed

CVE-2020-27653 was published May 24, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6... High Unreviewed

CVE-2020-27652 was published May 24, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed

CVE-2022-45195 was published Nov 13, 2022

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34319 was published Nov 14, 2022

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34320 was published Nov 15, 2022

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers... Moderate Unreviewed

CVE-2022-30111 was published May 19, 2022

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed

CVE-2019-12171 was published May 24, 2022

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed

CVE-2019-10492 was published May 24, 2022

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed

CVE-2019-12621 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed

CVE-2019-8237 was published May 24, 2022

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed

CVE-2019-3736 was published May 24, 2022

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed

CVE-2019-16863 was published May 24, 2022

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed

CVE-2019-13629 was published May 24, 2022

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak... Moderate Unreviewed

CVE-2019-19397 was published May 24, 2022

A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e... Low Unreviewed

CVE-2019-5106 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed

CVE-2019-19299 was published May 24, 2022

openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than... Moderate Unreviewed

CVE-2020-10788 was published May 24, 2022

Previous 12…21 Next

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

514 advisories