GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
Filter by severity
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25230
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected...
High
Unreviewed
CVE-2020-4937
was published
May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4...
High
Unreviewed
CVE-2020-27653
was published
May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6...
High
Unreviewed
CVE-2020-27652
was published
May 24, 2022
BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an...
High
Unreviewed
CVE-2020-27611
was published
May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
High
Unreviewed
CVE-2019-9080
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-10927
was published
May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy...
High
Unreviewed
CVE-2020-7514
was published
May 24, 2022
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the...
High
Unreviewed
CVE-2019-20138
was published
May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in...
High
Unreviewed
CVE-2019-19962
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High
Unreviewed
CVE-2019-5163
was published
May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected...
High
Unreviewed
CVE-2019-4399
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High
Unreviewed
CVE-2019-8237
was published
May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage...
High
Unreviewed
CVE-2019-3736
was published
May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon...
High
Unreviewed
CVE-2019-10492
was published
May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to...
High
Unreviewed
CVE-2019-12621
was published
May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS...
High
Unreviewed
CVE-2019-9013
was published
May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low...
High
Unreviewed
CVE-2019-9506
was published
May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71...
High
Unreviewed
CVE-2019-12171
was published
May 24, 2022
A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual...
High
Unreviewed
CVE-2019-1706
was published
May 24, 2022
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat...
High
Unreviewed
CVE-2016-3099
was published
May 17, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High
Unreviewed
CVE-2017-11133
was published
May 17, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database...
High
Unreviewed
CVE-2018-6619
was published
May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to...
High
Unreviewed
CVE-2018-10831
was published
May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.
High
Unreviewed
CVE-2018-12420
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API