Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242... Moderate Unreviewed
CVE-2020-11876 was published May 24, 2022
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for... Moderate Unreviewed
CVE-2023-50313 was published Apr 2, 2024
Withdrawn: JJWT improperly generates signing keys Moderate
CVE-2024-31033 was published for io.jsonwebtoken:jjwt-impl (Maven) Apr 1, 2024 withdrawn
ebickle
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C... Moderate Unreviewed
CVE-2013-2213 was published May 5, 2022
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized,... Moderate Unreviewed
CVE-2019-11323 was published May 24, 2022
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor... Moderate Unreviewed
CVE-2019-9836 was published May 24, 2022
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U... Moderate Unreviewed
CVE-2019-13604 was published May 24, 2022
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses... Moderate Unreviewed
CVE-2018-18371 was published May 24, 2022
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple... Moderate Unreviewed
CVE-2019-15955 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used... Moderate Unreviewed
CVE-2018-5745 was published May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential... Moderate Unreviewed
CVE-2019-18659 was published May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed... Moderate Unreviewed
CVE-2020-5943 was published May 24, 2022
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support... Moderate Unreviewed
CVE-2022-40722 was published Apr 25, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade... Moderate Unreviewed
CVE-2023-28043 was published Jun 1, 2023
The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure... Moderate Unreviewed
CVE-2023-36608 was published Jul 3, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused... Moderate Unreviewed
CVE-2023-35890 was published Jul 7, 2023
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A... Moderate Unreviewed
CVE-2023-39252 was published Sep 21, 2023
Windows Authentication Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-29056 was published Apr 9, 2024
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated... Moderate Unreviewed
CVE-2023-28053 was published Dec 22, 2023
On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture... Moderate Unreviewed
CVE-2019-11341 was published May 24, 2022
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can... Moderate Unreviewed
CVE-2022-45170 was published Apr 14, 2023
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4874 was published May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2023-40696 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database