Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

28 advisories

Loading
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote... Critical Unreviewed
CVE-2022-26854 was published Apr 9, 2022
An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed
CVE-2019-5035 was published May 24, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed
CVE-2022-31230 was published Jun 29, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed
CVE-2014-8687 was published May 17, 2022
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a... Critical Unreviewed
CVE-2017-9466 was published May 17, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed
CVE-2022-34632 was published Jul 19, 2022
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,... Critical Unreviewed
CVE-2020-14517 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)... Critical Unreviewed
CVE-2021-22738 was published May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification... Critical Unreviewed
CVE-2021-20305 was published May 24, 2022
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call... Critical Unreviewed
CVE-2019-25052 was published May 24, 2022
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and... Critical Unreviewed
CVE-2020-36363 was published May 24, 2022
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH... Critical Unreviewed
CVE-2021-36298 was published May 24, 2022
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using... Critical Unreviewed
CVE-2019-5723 was published May 13, 2022
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio... Critical Unreviewed
CVE-2019-9483 was published May 13, 2022
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server... Critical Unreviewed
CVE-2017-4917 was published May 13, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which... Critical Unreviewed
CVE-2016-6602 was published May 14, 2022
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters... Critical Unreviewed
CVE-2017-17878 was published May 14, 2022
Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded... Critical Unreviewed
CVE-2017-17717 was published May 14, 2022
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies... Critical Unreviewed
CVE-2021-31562 was published Jan 22, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client... Critical Unreviewed
CVE-2014-9969 was published May 17, 2022
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php. Critical Unreviewed
CVE-2021-42216 was published Dec 16, 2021
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.... Critical Unreviewed
CVE-2021-31556 was published May 24, 2022
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed
CVE-2022-45141 was published Mar 7, 2023
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of... Critical Unreviewed
CVE-2023-34039 was published Aug 29, 2023
Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation... Critical Unreviewed
CVE-2024-0323 was published Feb 5, 2024
ProTip! Advisories are also available from the GraphQL API