Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

180 advisories

Loading
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed
CVE-2019-1828 was published May 13, 2022
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL... High Unreviewed
CVE-2018-5458 was published May 13, 2022
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does... High Unreviewed
CVE-2017-5243 was published May 13, 2022
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic... High Unreviewed
CVE-2017-1598 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to... High Unreviewed
CVE-2017-15997 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static... High Unreviewed
CVE-2017-15998 was published May 13, 2022
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote... High Unreviewed
CVE-2017-17428 was published May 13, 2022
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8... High Unreviewed
CVE-2017-5186 was published May 13, 2022
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface,... High Unreviewed
CVE-2017-9136 was published May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary... High Unreviewed
CVE-2018-10084 was published May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on... High Unreviewed
CVE-2018-11209 was published May 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J High
CVE-2015-0226 was published for org.apache.ws.security:wss4j (Maven) May 14, 2022
r3kumar
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. High Unreviewed
CVE-2018-12420 was published May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to... High Unreviewed
CVE-2018-10831 was published May 14, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database... High Unreviewed
CVE-2018-6619 was published May 14, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed
CVE-2017-11133 was published May 17, 2022
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat... High Unreviewed
CVE-2016-3099 was published May 17, 2022
Elixir can leak information due to weak use of crypto High
CVE-2012-2146 was published for Elixir (pip) May 17, 2022
A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual... High Unreviewed
CVE-2019-1706 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed
CVE-2019-12171 was published May 24, 2022
Magento 2 Community Edition Cryptographic Flaw High
CVE-2019-7858 was published for magento/community-edition (Composer) May 24, 2022
PHP JOSE Library by Gree Inc. Uses a Broken or Risky Cryptographic Algorithm High
CVE-2016-5431 was published for gree/jose (Composer) May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low... High Unreviewed
CVE-2019-9506 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS... High Unreviewed
CVE-2019-9013 was published May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2019-12621 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database