GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,745
Composer 4,029
Erlang 29
GitHub Actions 16
Go 1,833
Maven 5,050
npm 3,573
NuGet 632
pip 3,160
Pub 10
RubyGems 847
Rust 798
Swift 34

Unreviewed advisories

All unreviewed 224,761

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

353 advisories

Filter by severity

Sort by

Least recently updated

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of... High Unreviewed

CVE-2019-5163 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Low Unreviewed

CVE-2019-18340 was published May 24, 2022

There is a weak algorithm vulnerability in some Huawei products. The affected products use weak... Moderate Unreviewed

CVE-2019-19397 was published May 24, 2022

wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in... High Unreviewed

CVE-2019-19962 was published May 24, 2022

The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the... High Unreviewed

CVE-2019-20138 was published May 24, 2022

A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed

CVE-2019-19299 was published May 24, 2022

A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e... Low Unreviewed

CVE-2019-5106 was published May 24, 2022

openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than... Moderate Unreviewed

CVE-2020-10788 was published May 24, 2022

An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file... Moderate Unreviewed

CVE-2020-10560 was published May 24, 2022

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is... Moderate Unreviewed

CVE-2020-11501 was published May 24, 2022

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and... Moderate Unreviewed

CVE-2020-10601 was published May 24, 2022

wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing... Moderate Unreviewed

CVE-2020-11713 was published May 24, 2022

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that... Moderate Unreviewed

CVE-2020-10932 was published May 24, 2022

airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242... Moderate Unreviewed

CVE-2020-11876 was published May 24, 2022

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the... Low Unreviewed

CVE-2020-13135 was published May 24, 2022

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of... Moderate Unreviewed

CVE-2020-13777 was published May 24, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ... Moderate Unreviewed

CVE-2020-7511 was published May 24, 2022

During RSA key generation, bignum implementations used a variation of the Binary Extended... Moderate Unreviewed

CVE-2020-12402 was published May 24, 2022

An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect... Low Unreviewed

CVE-2020-13132 was published May 24, 2022

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy... High Unreviewed

CVE-2020-7514 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed

CVE-2020-10927 was published May 24, 2022

A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ... Moderate Unreviewed

CVE-2020-1596 was published May 24, 2022

Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,... Critical Unreviewed

CVE-2020-14517 was published May 24, 2022

In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of... Moderate Unreviewed

CVE-2020-24619 was published May 24, 2022

During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time... Moderate Unreviewed

CVE-2020-12401 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

353 advisories