GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,143
Composer 4,083
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,108
npm 3,644
NuGet 638
pip 3,260
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,072

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

440 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed

CVE-2021-27457 was published May 24, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed

CVE-2017-11133 was published May 17, 2022

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed

CVE-2020-28396 was published May 24, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed

CVE-2022-31230 was published Jun 29, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed

CVE-2014-8687 was published May 17, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed

CVE-2017-9466 was published May 17, 2022

A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed

CVE-2022-28622 was published Jun 28, 2022

On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed

CVE-2022-28370 was published Jul 15, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed

CVE-2022-34757 was published Jul 14, 2022

LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High

CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed

CVE-2022-34632 was published Jul 19, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29965 was published Jul 27, 2022

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed

CVE-2022-46140 was published Dec 13, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4... High Unreviewed

CVE-2020-27653 was published May 24, 2022

Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6... High Unreviewed

CVE-2020-27652 was published May 24, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed

CVE-2022-45195 was published Nov 13, 2022

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34319 was published Nov 14, 2022

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34320 was published Nov 15, 2022

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers... Moderate Unreviewed

CVE-2022-30111 was published May 19, 2022

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed

CVE-2019-12171 was published May 24, 2022

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed

CVE-2019-10492 was published May 24, 2022

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed

CVE-2019-12621 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed

CVE-2019-8237 was published May 24, 2022

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed

CVE-2019-3736 was published May 24, 2022

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed

CVE-2019-16863 was published May 24, 2022

Previous 1 2 3 4 5 … 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

440 advisories