Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,045
Maven
5,000+
npm
3,737
NuGet
663
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
Under certain circumstances the communication between exacqVision Client and exacqVision Server... Critical Unreviewed
CVE-2024-32758 was published Aug 2, 2024
Apache Linkis Authentication Bypass vulnerability Critical
CVE-2023-27987 was published for org.apache.linkis:linkis (Maven) Jul 6, 2023
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed
CVE-2022-45141 was published Mar 7, 2023
Certain General Electric Renewable Energy products have inadequate encryption strength. This... Critical Unreviewed
CVE-2022-24116 was published Dec 26, 2022
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed
CVE-2021-42949 was published Sep 17, 2022
Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which... Critical Unreviewed
CVE-2022-36555 was published Aug 30, 2022
A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4... Critical Unreviewed
CVE-2021-24020 was published May 24, 2022
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic... Critical Unreviewed
CVE-2021-27200 was published May 24, 2022
Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX... Critical Unreviewed
CVE-2021-21507 was published May 24, 2022
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed
CVE-2020-26197 was published May 24, 2022
Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration... Critical Unreviewed
CVE-2020-29658 was published May 24, 2022
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory... Critical Unreviewed
CVE-2020-11684 was published May 24, 2022
Session data between cluster nodes during cluster synchronization is not properly encrypted in... Critical Unreviewed
CVE-2018-20810 was published May 24, 2022
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is... Critical Unreviewed
CVE-2017-8076 was published May 17, 2022
Dolibarr ERP and CRM Insecure Encryption Critical
CVE-2017-7888 was published for dolibarr/dolibarr (Composer) May 17, 2022
PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21) frontend via IMAP or... Critical Unreviewed
CVE-2017-7229 was published May 17, 2022
A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix... Critical Unreviewed
CVE-2017-7903 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure... Critical Unreviewed
CVE-2015-0575 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback... Critical Unreviewed
CVE-2014-9975 was published May 17, 2022
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to... Critical Unreviewed
CVE-2017-14090 was published May 14, 2022
Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version ... Critical Unreviewed
CVE-2018-15124 was published May 14, 2022
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum,... Critical Unreviewed
CVE-2018-7242 was published May 14, 2022
Apache OpenMeetings has Inadequate Encryption Strength Critical
CVE-2017-7673 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in... Critical Unreviewed
CVE-2017-16726 was published May 13, 2022
A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750... Critical Unreviewed
CVE-2017-7905 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database