GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,667
Composer 4,466
Erlang 33
GitHub Actions 23
Go 2,166
Maven 5,398
npm 3,830
NuGet 696
pip 3,507
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,842

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

482 advisories

Filter by severity

Sort by

Least recently updated

LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High

CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed

CVE-2022-34757 was published Jul 14, 2022

On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed

CVE-2022-28370 was published Jul 15, 2022

A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed

CVE-2022-28622 was published Jun 28, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed

CVE-2017-9466 was published May 17, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed

CVE-2014-8687 was published May 17, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed

CVE-2022-31230 was published Jun 29, 2022

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed

CVE-2020-28396 was published May 24, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed

CVE-2017-11133 was published May 17, 2022

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed

CVE-2021-27457 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD... High Unreviewed

CVE-2022-24296 was published Jun 9, 2022

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated... Low Unreviewed

CVE-2021-34688 was published May 24, 2022

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that... Moderate Unreviewed

CVE-2020-10932 was published May 24, 2022

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute... High Unreviewed

CVE-2021-33582 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of... High Unreviewed

CVE-2019-5163 was published May 24, 2022

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in... High Unreviewed

CVE-2021-22309 was published May 24, 2022

BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an... High Unreviewed

CVE-2020-27611 was published May 24, 2022

steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to... High Unreviewed

CVE-2021-27211 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop Critical

CVE-2012-4449 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an... High Unreviewed

CVE-2021-45485 was published Dec 26, 2021

An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed

CVE-2019-5035 was published May 24, 2022

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information... Moderate Unreviewed

CVE-2021-45486 was published Dec 26, 2021

The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation... High Unreviewed

CVE-2022-29566 was published Apr 22, 2022

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed

CVE-2021-39076 was published Apr 20, 2022

Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm... High Unreviewed

CVE-2022-22559 was published Apr 13, 2022

Previous 1 2 … 16 17 18 19 20 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

482 advisories