Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed
CVE-2017-1571 was published May 13, 2022
Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation... Moderate Unreviewed
CVE-2017-16718 was published May 13, 2022
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does... High Unreviewed
CVE-2017-5243 was published May 13, 2022
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and... Moderate Unreviewed
CVE-2017-10668 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption... Moderate Unreviewed
CVE-2017-1339 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static... High Unreviewed
CVE-2017-15998 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to... High Unreviewed
CVE-2017-15997 was published May 13, 2022
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic... High Unreviewed
CVE-2017-1598 was published May 13, 2022
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote... High Unreviewed
CVE-2017-17428 was published May 13, 2022
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2022-38391 was published Dec 20, 2022
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server... High Unreviewed
CVE-2017-12129 was published May 13, 2022
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server... Critical Unreviewed
CVE-2017-4917 was published May 13, 2022
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8... High Unreviewed
CVE-2017-5186 was published May 13, 2022
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an... Moderate Unreviewed
CVE-2017-8157 was published May 13, 2022
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface,... High Unreviewed
CVE-2017-9136 was published May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary... High Unreviewed
CVE-2018-10084 was published May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on... High Unreviewed
CVE-2018-11209 was published May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and... Moderate Unreviewed
CVE-2018-16806 was published May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware... Moderate Unreviewed
CVE-2018-15355 was published May 13, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker... Moderate Unreviewed
CVE-2018-7959 was published May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such... Moderate Unreviewed
CVE-2018-5152 was published May 13, 2022
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2022-34361 was published Dec 6, 2022
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. Moderate Unreviewed
CVE-2018-18587 was published May 14, 2022
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption... High Unreviewed
CVE-2021-45451 was published Dec 22, 2021
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database... High Unreviewed
CVE-2018-6619 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database