GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,159

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

514 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. High Unreviewed

CVE-2018-12420 was published May 14, 2022

The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security... Moderate Unreviewed

CVE-2017-14937 was published May 14, 2022

Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to... High Unreviewed

CVE-2018-10831 was published May 14, 2022

DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability.... Moderate Unreviewed

CVE-2017-15326 was published May 14, 2022

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use... Moderate Unreviewed

CVE-2017-17167 was published May 14, 2022

An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters... Critical Unreviewed

CVE-2017-17878 was published May 14, 2022

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded... Critical Unreviewed

CVE-2017-17717 was published May 14, 2022

Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small... Moderate Unreviewed

CVE-2017-8866 was published May 14, 2022

FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability.... Moderate Unreviewed

CVE-2017-8191 was published May 14, 2022

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0734 was published May 13, 2022

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0735 was published May 13, 2022

A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was... High Unreviewed

CVE-2017-2488 was published Dec 24, 2021

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in... Moderate Unreviewed

CVE-2021-43550 was published Dec 28, 2021

Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy High

CVE-2021-42583 was published for github.com/foxcpp/maddy (Go) Jan 6, 2022

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic... High Unreviewed

CVE-2021-38921 was published Jan 11, 2022

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues... High Unreviewed

CVE-2021-33846 was published Jan 22, 2022

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies... Critical Unreviewed

CVE-2021-31562 was published Jan 22, 2022

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol... Moderate Unreviewed

CVE-2021-45081 was published Feb 21, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client... Critical Unreviewed

CVE-2014-9969 was published May 17, 2022

An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method... High Unreviewed

CVE-2020-36516 was published Feb 27, 2022

"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure... High Unreviewed

CVE-2021-27756 was published Mar 5, 2022

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker... Moderate Unreviewed

CVE-2021-43774 was published Mar 4, 2022

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4156 was published May 24, 2022

IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker... High Unreviewed

CVE-2022-22462 was published Jan 26, 2023

IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected... High Unreviewed

CVE-2022-43917 was published Jan 26, 2023

Previous 1…8…21 Next

Previous 1 2 … 6 7 8 9 10 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

514 advisories