Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

179 advisories

Loading
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed
CVE-2019-10492 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed
CVE-2019-8237 was published May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected... High Unreviewed
CVE-2019-4399 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of... High Unreviewed
CVE-2019-5163 was published May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed
CVE-2019-19962 was published May 24, 2022
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the... High Unreviewed
CVE-2019-20138 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy... High Unreviewed
CVE-2020-7514 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-10927 was published May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage. High Unreviewed
CVE-2019-9080 was published May 24, 2022
BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an... High Unreviewed
CVE-2020-27611 was published May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6... High Unreviewed
CVE-2020-27652 was published May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4... High Unreviewed
CVE-2020-27653 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected... High Unreviewed
CVE-2020-4937 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25232 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25230 was published May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4898 was published May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored... High Unreviewed
CVE-2020-10554 was published May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is... High Unreviewed
CVE-2020-25493 was published May 24, 2022
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to... High Unreviewed
CVE-2021-27211 was published May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is... High Unreviewed
CVE-2021-23839 was published May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2... High Unreviewed
CVE-2020-35221 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4831 was published May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in... High Unreviewed
CVE-2021-22309 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed
CVE-2021-27457 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database