Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

266 advisories

Loading
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE... Critical Unreviewed
CVE-2022-46353 was published Dec 13, 2022
Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full... Critical Unreviewed
CVE-2022-44938 was published Dec 8, 2022
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2022-20941 was published Nov 16, 2022
PHPServerMon PRNG has Insufficient Entropy Moderate
CVE-2021-4241 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
Insufficient Entropy in PHPServerMon PRNG Moderate
CVE-2021-4240 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1.... Moderate Unreviewed
CVE-2022-3959 was published Nov 11, 2022
Use of unclaimed s3 bucket in tests and examples Moderate
CVE-2022-36022 was published for org.deeplearning4j:dl4j-examples (Maven) Nov 10, 2022
draco1725
Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed
CVE-2022-42787 was published Nov 10, 2022
An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which... Moderate Unreviewed
CVE-2022-44795 was published Nov 7, 2022
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict... Critical Unreviewed
CVE-2022-30935 was published Sep 29, 2022
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used... Moderate Unreviewed
CVE-2022-38970 was published Sep 27, 2022
Fastly Compute@Edge JS Runtime has fixed random number seed during compilation High
CVE-2022-39218 was published for @fastly/js-compute (npm) Sep 20, 2022
JakeChampion
In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values. Moderate Unreviewed
CVE-2022-1615 was published Sep 2, 2022
Cryptographically weak PRNG in `utils.generateUUID` Critical
CVE-2022-36045 was published for nodebb (npm) Aug 30, 2022
HakuPiku
Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed
CVE-2022-37400 was published Aug 16, 2022
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1... High Unreviewed
CVE-2022-30629 was published Aug 11, 2022
In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation... High Unreviewed
CVE-2022-29808 was published Aug 3, 2022
otp-generator before v3.0.0 insecurely generates random one-time passwords Critical
CVE-2021-23451 was published for otp-generator (npm) Jul 26, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26306 was published Jul 26, 2022
LTI 1.3 Tool Library's function used to generate random nonces not sufficiently cryptographically complex before v5.0 High
CVE-2022-31157 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT ... Critical Unreviewed
CVE-2022-26647 was published Jul 13, 2022
Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker... Moderate Unreviewed
CVE-2022-33707 was published Jul 13, 2022
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ... Critical Unreviewed
CVE-2020-35163 was published Jul 12, 2022
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values. Moderate Unreviewed
CVE-2022-25047 was published Jul 8, 2022
Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of... High Unreviewed
CVE-2022-32284 was published Jul 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database