GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
34 advisories
Inadequate Encryption Strength (Critical)
CVE-2017-1000486 was published for org.primefaces:primefaces (Maven) on Jun 3, 2021

Inadequate Encryption Strength in python-keystoneclient (Critical)
CVE-2013-2166 was published for python-keystoneclient (pip) on Oct 12, 2021

Apache Linkis Authentication Bypass vulnerability (Critical)
CVE-2023-27987 was published for org.apache.linkis:linkis (Maven) on Jul 6, 2023

Under certain circumstances the communication between exacqVision Client and exacqVision Server... (Critical, Unreviewed)
CVE-2024-32758 was published on Aug 2, 2024

Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2... (Critical, Unreviewed)
CVE-2017-11317 was published on May 13, 2022

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always... (Critical, Unreviewed)
CVE-2011-4121 was published on Apr 22, 2022

Session data between cluster nodes during cluster synchronization is not properly encrypted in... (Critical, Unreviewed)
CVE-2018-20810 was published on May 24, 2022

Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... (Critical, Unreviewed)
CVE-2022-45141 was published on Mar 7, 2023

Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62,... (Critical, Unreviewed)
CVE-2021-45512 was published on Dec 27, 2021

Dolibarr ERP and CRM Insecure Encryption (Critical)
CVE-2017-7888 was published for dolibarr/dolibarr (Composer) on May 17, 2022

Elliptic Curve Key Disclosure in go-jose (Critical)
CVE-2016-9121 was published for github.com/square/go-jose (Go) on Jun 23, 2021

In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure... (Critical, Unreviewed)
CVE-2015-0575 was published on May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback... (Critical, Unreviewed)
CVE-2014-9975 was published on May 17, 2022

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which some communications to... (Critical, Unreviewed)
CVE-2017-14090 was published on May 14, 2022

Weak hashing algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version ... (Critical, Unreviewed)
CVE-2018-15124 was published on May 14, 2022

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum,... (Critical, Unreviewed)
CVE-2018-7242 was published on May 14, 2022

Apache OpenMeetings has Inadequate Encryption Strength (Critical)
CVE-2017-7673 was published for org.apache.openmeetings:openmeetings-parent (Maven) on May 13, 2022

Beckhoff TwinCAT supports communication over ADS. ADS is a protocol for industrial automation in... (Critical, Unreviewed)
CVE-2017-16726 was published on May 13, 2022

A Weak Cryptography for Passwords issue was discovered in General Electric (GE) Multilin SR 750... (Critical, Unreviewed)
CVE-2017-7905 was published on May 13, 2022

A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA)... (Critical, Unreviewed)
CVE-2018-0448 was published on May 13, 2022

Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of... (Critical, Unreviewed)
CVE-2019-10907 was published on May 13, 2022

Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170... (Critical, Unreviewed)
CVE-2016-5804 was published on May 13, 2022

Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which... (Critical, Unreviewed)
CVE-2022-36555 was published on Aug 30, 2022

Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX... (Critical, Unreviewed)
CVE-2021-21507 was published on May 24, 2022

Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration... (Critical, Unreviewed)
CVE-2020-29658 was published on May 24, 2022