GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected...
Moderate
Unreviewed
CVE-2018-1996
was published
May 13, 2022
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was...
Moderate
Unreviewed
CVE-2019-5719
was published
May 13, 2022
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14...
Moderate
Unreviewed
CVE-2019-6485
was published
May 13, 2022
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than...
Moderate
Unreviewed
CVE-2018-1428
was published
May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses...
Moderate
Unreviewed
CVE-2017-1571
was published
May 13, 2022
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses...
Moderate
Unreviewed
CVE-2017-1575
was published
May 13, 2022
Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation...
Moderate
Unreviewed
CVE-2017-16718
was published
May 13, 2022
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and...
Moderate
Unreviewed
CVE-2017-10668
was published
May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption...
Moderate
Unreviewed
CVE-2017-1339
was published
May 13, 2022
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67...
Moderate
Unreviewed
CVE-2017-17382
was published
May 13, 2022
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an...
Moderate
Unreviewed
CVE-2017-8157
was published
May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware...
Moderate
Unreviewed
CVE-2018-15355
was published
May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and...
Moderate
Unreviewed
CVE-2018-16806
was published
May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such...
Moderate
Unreviewed
CVE-2018-5152
was published
May 13, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker...
Moderate
Unreviewed
CVE-2018-7959
was published
May 13, 2022
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.
Moderate
Unreviewed
CVE-2018-18587
was published
May 14, 2022
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability....
Moderate
Unreviewed
CVE-2017-15326
was published
May 14, 2022
Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use...
Moderate
Unreviewed
CVE-2017-17167
was published
May 14, 2022
The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security...
Moderate
Unreviewed
CVE-2017-14937
was published
May 14, 2022
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small...
Moderate
Unreviewed
CVE-2017-8866
was published
May 14, 2022
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability....
Moderate
Unreviewed
CVE-2017-8191
was published
May 14, 2022
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers...
Moderate
Unreviewed
CVE-2022-30111
was published
May 19, 2022
Use of a Broken or Risky Cryptographic Algorithm in XWiki Crypto API
Moderate
CVE-2022-29161
was published
for
org.xwiki.platform:xwiki-platform-crypto
(Maven)
May 24, 2022
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized,...
Moderate
Unreviewed
CVE-2019-11323
was published
May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2019-4156
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API