GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

182 advisories

Filter by severity

Sort by

Least recently updated

FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability.... Moderate Unreviewed

CVE-2017-8191 was published May 14, 2022

Elemental Path's CogniToys Dino smart toys through firmware version 0.0.794 share a fixed small... Moderate Unreviewed

CVE-2017-8866 was published May 14, 2022

The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security... Moderate Unreviewed

CVE-2017-14937 was published May 14, 2022

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use... Moderate Unreviewed

CVE-2017-17167 was published May 14, 2022

DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability.... Moderate Unreviewed

CVE-2017-15326 was published May 14, 2022

BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. Moderate Unreviewed

CVE-2018-18587 was published May 14, 2022

There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker... Moderate Unreviewed

CVE-2018-7959 was published May 13, 2022

WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such... Moderate Unreviewed

CVE-2018-5152 was published May 13, 2022

A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and... Moderate Unreviewed

CVE-2018-16806 was published May 13, 2022

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware... Moderate Unreviewed

CVE-2018-15355 was published May 13, 2022

OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an... Moderate Unreviewed

CVE-2017-8157 was published May 13, 2022

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67... Moderate Unreviewed

CVE-2017-17382 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption... Moderate Unreviewed

CVE-2017-1339 was published May 13, 2022

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and... Moderate Unreviewed

CVE-2017-10668 was published May 13, 2022

Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation... Moderate Unreviewed

CVE-2017-16718 was published May 13, 2022

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed

CVE-2017-1575 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed

CVE-2017-1571 was published May 13, 2022

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed

CVE-2018-1428 was published May 13, 2022

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed

CVE-2019-6485 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed

CVE-2019-5719 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed

CVE-2018-1996 was published May 13, 2022

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0734 was published May 13, 2022

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0735 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10845 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10844 was published May 13, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

182 advisories