GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
192 advisories
Filter by severity
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1...
Moderate
Unreviewed
CVE-2020-5860
was published
May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and...
Moderate
Unreviewed
CVE-2020-9770
was published
May 24, 2022
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection...
Moderate
Unreviewed
CVE-2019-19097
was published
May 24, 2022
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow...
Moderate
Unreviewed
CVE-2020-10377
was published
May 24, 2022
A missing secure communication definition and an incomplete TLS validation in the upgrade service...
Moderate
Unreviewed
CVE-2019-19101
was published
May 24, 2022
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
Moderate
Unreviewed
CVE-2020-5884
was published
May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP...
Moderate
Unreviewed
CVE-2020-5886
was published
May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP...
Moderate
Unreviewed
CVE-2020-5885
was published
May 24, 2022
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access...
Moderate
Unreviewed
CVE-2020-9315
was published
May 24, 2022
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular...
Moderate
Unreviewed
CVE-2020-11735
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2020-10919
was published
May 24, 2022
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being...
Moderate
Unreviewed
CVE-2020-1968
was published
May 24, 2022
In various functions in fscrypt_ice.c and related files in some implementations of f2fs...
Moderate
Unreviewed
CVE-2020-0407
was published
May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode...
Moderate
Unreviewed
CVE-2020-7069
was published
May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020...
Moderate
Unreviewed
CVE-2020-27181
was published
May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels...
Moderate
Unreviewed
CVE-2020-5938
was published
May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate
Unreviewed
CVE-2020-5943
was published
May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with...
Moderate
Unreviewed
CVE-2020-9128
was published
May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30...
Moderate
Unreviewed
CVE-2020-8761
was published
May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications...
Moderate
Unreviewed
CVE-2020-20950
was published
May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library...
Moderate
Unreviewed
CVE-2020-20949
was published
May 24, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,...
Moderate
Unreviewed
CVE-2020-25685
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2021-20406
was published
May 24, 2022
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be...
Moderate
Unreviewed
CVE-2020-36250
was published
May 24, 2022
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application...
Moderate
Unreviewed
CVE-2020-12702
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API