GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,067

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

469 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed

CVE-2020-28396 was published May 24, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed

CVE-2022-31230 was published Jun 29, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed

CVE-2014-8687 was published May 17, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed

CVE-2017-9466 was published May 17, 2022

A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed

CVE-2022-28622 was published Jun 28, 2022

On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed

CVE-2022-28370 was published Jul 15, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed

CVE-2022-34757 was published Jul 14, 2022

LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High

CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed

CVE-2022-34632 was published Jul 19, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29965 was published Jul 27, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4... High Unreviewed

CVE-2020-27653 was published May 24, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6... High Unreviewed

CVE-2020-27652 was published May 24, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed

CVE-2022-45195 was published Nov 13, 2022

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34319 was published Nov 14, 2022

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34320 was published Nov 15, 2022

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers... Moderate Unreviewed

CVE-2022-30111 was published May 19, 2022

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed

CVE-2019-12171 was published May 24, 2022

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed

CVE-2019-10492 was published May 24, 2022

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed

CVE-2019-12621 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed

CVE-2019-8237 was published May 24, 2022

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed

CVE-2019-3736 was published May 24, 2022

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed

CVE-2019-16863 was published May 24, 2022

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed

CVE-2019-13629 was published May 24, 2022

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak... Moderate Unreviewed

CVE-2019-19397 was published May 24, 2022

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing... Moderate Unreviewed

CVE-2022-20513 was published Dec 20, 2022

Previous 1 2 3 4 5 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

469 advisories