GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
353 advisories
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High | Unreviewed | CVE-2019-5163 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Low | Unreviewed | CVE-2019-18340 was published May 24, 2022
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak...
Moderate | Unreviewed | CVE-2019-19397 was published May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in...
High | Unreviewed | CVE-2019-19962 was published May 24, 2022
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the...
High | Unreviewed | CVE-2019-20138 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Moderate | Unreviewed | CVE-2019-19299 was published May 24, 2022
A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e...
Low | Unreviewed | CVE-2019-5106 was published May 24, 2022
openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than...
Moderate | Unreviewed | CVE-2020-10788 was published May 24, 2022
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file...
Moderate | Unreviewed | CVE-2020-10560 was published May 24, 2022
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is...
Moderate | Unreviewed | CVE-2020-11501 was published May 24, 2022
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and...
Moderate | Unreviewed | CVE-2020-10601 was published May 24, 2022
wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing...
Moderate | Unreviewed | CVE-2020-11713 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that...
Moderate | Unreviewed | CVE-2020-10932 was published May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate | Unreviewed | CVE-2020-11876 was published May 24, 2022
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the...
Low | Unreviewed | CVE-2020-13135 was published May 24, 2022
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of...
Moderate | Unreviewed | CVE-2020-13777 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ...
Moderate | Unreviewed | CVE-2020-7511 was published May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended...
Moderate | Unreviewed | CVE-2020-12402 was published May 24, 2022
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect...
Low | Unreviewed | CVE-2020-13132 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy...
High | Unreviewed | CVE-2020-7514 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2020-10927 was published May 24, 2022
An information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ...
Moderate | Unreviewed | CVE-2020-1596 was published May 24, 2022
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,...
Critical | Unreviewed | CVE-2020-14517 was published May 24, 2022
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of...
Moderate | Unreviewed | CVE-2020-24619 was published May 24, 2022
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time...
Moderate | Unreviewed | CVE-2020-12401 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.