Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

452 advisories

Loading
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and... Moderate Unreviewed
CVE-2017-10668 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption... Moderate Unreviewed
CVE-2017-1339 was published May 13, 2022
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic... High Unreviewed
CVE-2017-1598 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to... High Unreviewed
CVE-2017-15997 was published May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static... High Unreviewed
CVE-2017-15998 was published May 13, 2022
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67... Moderate Unreviewed
CVE-2017-17382 was published May 13, 2022
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote... High Unreviewed
CVE-2017-17428 was published May 13, 2022
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server... Critical Unreviewed
CVE-2017-4917 was published May 13, 2022
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8... High Unreviewed
CVE-2017-5186 was published May 13, 2022
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an... Moderate Unreviewed
CVE-2017-8157 was published May 13, 2022
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface,... High Unreviewed
CVE-2017-9136 was published May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use... Critical Unreviewed
CVE-2017-9859 was published May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary... High Unreviewed
CVE-2018-10084 was published May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on... High Unreviewed
CVE-2018-11209 was published May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware... Moderate Unreviewed
CVE-2018-15355 was published May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and... Moderate Unreviewed
CVE-2018-16806 was published May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such... Moderate Unreviewed
CVE-2018-5152 was published May 13, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker... Moderate Unreviewed
CVE-2018-7959 was published May 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J High
CVE-2015-0226 was published for org.apache.ws.security:wss4j (Maven) May 14, 2022
r3kumar
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. Moderate Unreviewed
CVE-2018-18587 was published May 14, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which... Critical Unreviewed
CVE-2016-6602 was published May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. High Unreviewed
CVE-2018-12420 was published May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to... High Unreviewed
CVE-2018-10831 was published May 14, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database... High Unreviewed
CVE-2018-6619 was published May 14, 2022
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability.... Moderate Unreviewed
CVE-2017-15326 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database