GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,477
Composer 3,978
Erlang 29
GitHub Actions 16
Go 1,768
Maven 4,991
npm 3,537
NuGet 616
pip 3,107
Pub 10
RubyGems 837
Rust 786
Swift 34

Unreviewed advisories

All unreviewed 222,598

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

350 advisories

Filter by severity

Sort by

Least recently updated

Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers... Moderate Unreviewed

CVE-2022-30111 was published May 19, 2022

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual... High Unreviewed

CVE-2019-1706 was published May 24, 2022

HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized,... Moderate Unreviewed

CVE-2019-11323 was published May 24, 2022

IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4156 was published May 24, 2022

Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor... Moderate Unreviewed

CVE-2019-9836 was published May 24, 2022

Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71... High Unreviewed

CVE-2019-12171 was published May 24, 2022

There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U... Moderate Unreviewed

CVE-2019-13604 was published May 24, 2022

A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All... Moderate Unreviewed

CVE-2019-10929 was published May 24, 2022

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low... High Unreviewed

CVE-2019-9506 was published May 24, 2022

An issue was discovered in 3S-Smart CODESYS V3 products. The application may utilize non-TLS... High Unreviewed

CVE-2019-9013 was published May 24, 2022

A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to... High Unreviewed

CVE-2019-12621 was published May 24, 2022

An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed

CVE-2019-5035 was published May 24, 2022

The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses... Moderate Unreviewed

CVE-2018-18371 was published May 24, 2022

An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple... Moderate Unreviewed

CVE-2019-15955 was published May 24, 2022

In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed

CVE-2019-1563 was published May 24, 2022

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon... High Unreviewed

CVE-2019-10492 was published May 24, 2022

Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed

CVE-2019-3736 was published May 24, 2022

EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed

CVE-2019-16116 was published May 24, 2022

MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. This... Moderate Unreviewed

CVE-2019-13629 was published May 24, 2022

"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used... Moderate Unreviewed

CVE-2018-5745 was published May 24, 2022

On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture... Moderate Unreviewed

CVE-2019-11341 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions... High Unreviewed

CVE-2019-8237 was published May 24, 2022

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected... High Unreviewed

CVE-2019-4399 was published May 24, 2022

The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential... Moderate Unreviewed

CVE-2019-18659 was published May 24, 2022

STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the... Moderate Unreviewed

CVE-2019-16863 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

350 advisories