Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

163 advisories

Loading
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected... High Unreviewed
CVE-2019-4399 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed
CVE-2019-8237 was published May 24, 2022
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed
CVE-2019-10492 was published May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed
CVE-2019-12621 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS... High Unreviewed
CVE-2019-9013 was published May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low... High Unreviewed
CVE-2019-9506 was published May 24, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed
CVE-2019-12171 was published May 24, 2022
A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual... High Unreviewed
CVE-2019-1706 was published May 24, 2022
mod_ns in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux HPC Node 7, Red Hat... High Unreviewed
CVE-2016-3099 was published May 17, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed
CVE-2017-11133 was published May 17, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database... High Unreviewed
CVE-2018-6619 was published May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to... High Unreviewed
CVE-2018-10831 was published May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. High Unreviewed
CVE-2018-12420 was published May 14, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on... High Unreviewed
CVE-2018-11209 was published May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary... High Unreviewed
CVE-2018-10084 was published May 13, 2022
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface,... High Unreviewed
CVE-2017-9136 was published May 13, 2022
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8... High Unreviewed
CVE-2017-5186 was published May 13, 2022
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote... High Unreviewed
CVE-2017-17428 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static... High Unreviewed
CVE-2017-15998 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to... High Unreviewed
CVE-2017-15997 was published May 13, 2022
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic... High Unreviewed
CVE-2017-1598 was published May 13, 2022
The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does... High Unreviewed
CVE-2017-5243 was published May 13, 2022
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL... High Unreviewed
CVE-2018-5458 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed
CVE-2019-1828 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database