GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
445 advisories
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon...
High | Unreviewed | CVE-2019-10492 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71...
High | Unreviewed | CVE-2019-12171 was published May 24, 2022
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers...
Moderate | Unreviewed | CVE-2022-30111 was published May 19, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker...
High | Unreviewed | CVE-2022-34320 was published Nov 15, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker...
High | Unreviewed | CVE-2022-34319 was published Nov 14, 2022
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation...
Moderate | Unreviewed | CVE-2022-45195 was published Nov 13, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6...
High | Unreviewed | CVE-2020-27652 was published May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4...
High | Unreviewed | CVE-2020-27653 was published May 24, 2022
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an...
Moderate | Unreviewed | CVE-2022-46140 was published Dec 13, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate | Unreviewed | CVE-2022-29965 was published Jul 27, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain...
Critical | Unreviewed | CVE-2022-34632 was published Jul 19, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0
High | CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak...
Moderate | Unreviewed | CVE-2022-34757 was published Jul 14, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade...
High | Unreviewed | CVE-2022-28370 was published Jul 15, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server...
High | Unreviewed | CVE-2022-28622 was published Jun 28, 2022
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a...
Critical | Unreviewed | CVE-2017-9466 was published May 17, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical | Unreviewed | CVE-2014-8687 was published May 17, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical | Unreviewed | CVE-2022-31230 was published Jun 29, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP...
High | Unreviewed | CVE-2020-28396 was published May 24, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High | Unreviewed | CVE-2017-11133 was published May 17, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High | Unreviewed | CVE-2021-27457 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD...
High | Unreviewed | CVE-2022-24296 was published Jun 9, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated...
Low | Unreviewed | CVE-2021-34688 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that...
Moderate | Unreviewed | CVE-2020-10932 was published May 24, 2022
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute...
High | Unreviewed | CVE-2021-33582 was published May 24, 2022