Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+

438 advisories

Loading
Elixir can leak information due to weak use of crypto High
CVE-2012-2146 was published for Elixir (pip) May 17, 2022
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat... High Unreviewed
CVE-2016-3099 was published May 17, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed
CVE-2014-8687 was published May 17, 2022
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed
CVE-2017-9466 was published May 17, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed
CVE-2017-11133 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client... Critical Unreviewed
CVE-2014-9969 was published May 17, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop Critical
CVE-2012-4449 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability.... Moderate Unreviewed
CVE-2017-8191 was published May 14, 2022
Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded... Critical Unreviewed
CVE-2017-17717 was published May 14, 2022
Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small... Moderate Unreviewed
CVE-2017-8866 was published May 14, 2022
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters... Critical Unreviewed
CVE-2017-17878 was published May 14, 2022
Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use... Moderate Unreviewed
CVE-2017-17167 was published May 14, 2022
The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security... Moderate Unreviewed
CVE-2017-14937 was published May 14, 2022
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability.... Moderate Unreviewed
CVE-2017-15326 was published May 14, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database... High Unreviewed
CVE-2018-6619 was published May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to... High Unreviewed
CVE-2018-10831 was published May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. High Unreviewed
CVE-2018-12420 was published May 14, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which... Critical Unreviewed
CVE-2016-6602 was published May 14, 2022
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. Moderate Unreviewed
CVE-2018-18587 was published May 14, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J High
CVE-2015-0226 was published for org.apache.ws.security:wss4j (Maven) May 14, 2022
r3kumar
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker... Moderate Unreviewed
CVE-2018-7959 was published May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such... Moderate Unreviewed
CVE-2018-5152 was published May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and... Moderate Unreviewed
CVE-2018-16806 was published May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware... Moderate Unreviewed
CVE-2018-15355 was published May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on... High Unreviewed
CVE-2018-11209 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database