GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
438 advisories
Filter by severity
Elixir can leak information due to weak use of crypto
High
CVE-2012-2146
was published
for
Elixir
(pip)
May 17, 2022
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat...
High
Unreviewed
CVE-2016-3099
was published
May 17, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical
Unreviewed
CVE-2014-8687
was published
May 17, 2022
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a...
Critical
Unreviewed
CVE-2017-9466
was published
May 17, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High
Unreviewed
CVE-2017-11133
was published
May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client...
Critical
Unreviewed
CVE-2014-9969
was published
May 17, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop
Critical
CVE-2012-4449
was published
for
org.apache.hadoop:hadoop-client
(Maven)
May 17, 2022
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability....
Moderate
Unreviewed
CVE-2017-8191
was published
May 14, 2022
Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded...
Critical
Unreviewed
CVE-2017-17717
was published
May 14, 2022
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small...
Moderate
Unreviewed
CVE-2017-8866
was published
May 14, 2022
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters...
Critical
Unreviewed
CVE-2017-17878
was published
May 14, 2022
Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use...
Moderate
Unreviewed
CVE-2017-17167
was published
May 14, 2022
The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security...
Moderate
Unreviewed
CVE-2017-14937
was published
May 14, 2022
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability....
Moderate
Unreviewed
CVE-2017-15326
was published
May 14, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database...
High
Unreviewed
CVE-2018-6619
was published
May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to...
High
Unreviewed
CVE-2018-10831
was published
May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.
High
Unreviewed
CVE-2018-12420
was published
May 14, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which...
Critical
Unreviewed
CVE-2016-6602
was published
May 14, 2022
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.
Moderate
Unreviewed
CVE-2018-18587
was published
May 14, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
High
CVE-2015-0226
was published
for
org.apache.ws.security:wss4j
(Maven)
May 14, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker...
Moderate
Unreviewed
CVE-2018-7959
was published
May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such...
Moderate
Unreviewed
CVE-2018-5152
was published
May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and...
Moderate
Unreviewed
CVE-2018-16806
was published
May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware...
Moderate
Unreviewed
CVE-2018-15355
was published
May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on...
High
Unreviewed
CVE-2018-11209
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API