Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

241 advisories

Loading
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. Moderate Unreviewed
CVE-2018-18587 was published May 14, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker... Moderate Unreviewed
CVE-2018-7959 was published May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such... Moderate Unreviewed
CVE-2018-5152 was published May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and... Moderate Unreviewed
CVE-2018-16806 was published May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware... Moderate Unreviewed
CVE-2018-15355 was published May 13, 2022
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an... Moderate Unreviewed
CVE-2017-8157 was published May 13, 2022
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67... Moderate Unreviewed
CVE-2017-17382 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption... Moderate Unreviewed
CVE-2017-1339 was published May 13, 2022
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and... Moderate Unreviewed
CVE-2017-10668 was published May 13, 2022
Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation... Moderate Unreviewed
CVE-2017-16718 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed
CVE-2017-1571 was published May 13, 2022
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed
CVE-2017-1575 was published May 13, 2022
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed
CVE-2018-1428 was published May 13, 2022
Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed
CVE-2019-6485 was published May 13, 2022
In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed
CVE-2019-5719 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed
CVE-2018-1996 was published May 13, 2022
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed
CVE-2018-0735 was published May 13, 2022
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed
CVE-2018-0734 was published May 13, 2022
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen... Moderate Unreviewed
CVE-2018-10845 was published May 13, 2022
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen... Moderate Unreviewed
CVE-2018-10844 was published May 13, 2022
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM... Moderate Unreviewed
CVE-2018-10846 was published May 13, 2022
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state... Moderate Unreviewed
CVE-2015-2808 was published May 13, 2022
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side... Moderate Unreviewed
CVE-2018-0737 was published May 13, 2022
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL... Moderate Unreviewed
CVE-2019-6593 was published May 13, 2022
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an... Moderate Unreviewed
CVE-2019-5754 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database