GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
438 advisories
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect...
Low | Unreviewed | CVE-2020-13132 was published May 24, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ...
Moderate | Unreviewed | CVE-2020-7511 was published May 24, 2022

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All...
Moderate | Unreviewed | CVE-2019-10929 was published May 24, 2022

An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file...
Moderate | Unreviewed | CVE-2020-10560 was published May 24, 2022

wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing...
Moderate | Unreviewed | CVE-2020-11713 was published May 24, 2022

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and...
Moderate | Unreviewed | CVE-2020-10601 was published May 24, 2022

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is...
Moderate | Unreviewed | CVE-2020-11501 was published May 24, 2022

openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than...
Moderate | Unreviewed | CVE-2020-10788 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Moderate | Unreviewed | CVE-2019-19299 was published May 24, 2022

A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e...
Low | Unreviewed | CVE-2019-5106 was published May 24, 2022

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing...
Moderate | Unreviewed | CVE-2022-20513 was published Dec 20, 2022

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak...
Moderate | Unreviewed | CVE-2019-19397 was published May 24, 2022

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This...
Moderate | Unreviewed | CVE-2019-13629 was published May 24, 2022

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the...
Moderate | Unreviewed | CVE-2019-16863 was published May 24, 2022

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage...
High | Unreviewed | CVE-2019-3736 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High | Unreviewed | CVE-2019-8237 was published May 24, 2022

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to...
High | Unreviewed | CVE-2019-12621 was published May 24, 2022

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon...
High | Unreviewed | CVE-2019-10492 was published May 24, 2022

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71...
High | Unreviewed | CVE-2019-12171 was published May 24, 2022

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers...
Moderate | Unreviewed | CVE-2022-30111 was published May 19, 2022

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker...
High | Unreviewed | CVE-2022-34320 was published Nov 15, 2022

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker...
High | Unreviewed | CVE-2022-34319 was published Nov 14, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation...
Moderate | Unreviewed | CVE-2022-45195 was published Nov 13, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6...
High | Unreviewed | CVE-2020-27652 was published May 24, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4...
High | Unreviewed | CVE-2020-27653 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.