Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption... High Unreviewed
CVE-2019-1543 was published May 13, 2022
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio... Critical Unreviewed
CVE-2019-9483 was published May 13, 2022
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an... Moderate Unreviewed
CVE-2019-5754 was published May 13, 2022
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side... Moderate Unreviewed
CVE-2018-0737 was published May 13, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored... High Unreviewed
CVE-2019-7673 was published May 13, 2022
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container... High Unreviewed
CVE-2019-3818 was published May 13, 2022
Reliance on Cookies without validation in OctoberCMS Moderate
CVE-2020-15128 was published for october/rain (Composer) Aug 5, 2020
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt Moderate
CVE-2020-7689 was published for bcrypt (npm) Aug 20, 2020
Inadequate Encryption Strength in Apache NiFi High
CVE-2020-9491 was published for org.apache.nifi:nifi (Maven) Jan 6, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed
CVE-2018-1996 was published May 13, 2022
Broken encryption in EdgeX Foundry Moderate
CVE-2021-41278 was published for github.com/edgexfoundry/app-functions-sdk-go (Go) Nov 19, 2021
bnevis-i
An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak... High Unreviewed
CVE-2018-7211 was published May 13, 2022
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is... Moderate Unreviewed
CVE-2021-22356 was published Nov 24, 2021
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles... High Unreviewed
CVE-2019-0688 was published May 13, 2022
Use of Sha-1 in tusdotnet Low
CVE-2021-44150 was published for tusdotnet (NuGet) Nov 29, 2021 withdrawn
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed
CVE-2021-39058 was published Dec 14, 2021
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed
CVE-2019-6485 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... High Unreviewed
CVE-2021-39002 was published Dec 10, 2021
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed
CVE-2019-5719 was published May 13, 2022
A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain... High Unreviewed
CVE-2019-7477 was published May 13, 2022
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL... High Unreviewed
CVE-2018-5458 was published May 13, 2022
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly... High Unreviewed
CVE-2018-6829 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed
CVE-2019-1828 was published May 13, 2022
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed
CVE-2018-1428 was published May 13, 2022
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed
CVE-2017-1575 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database