GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
44 advisories
Filter by severity
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data ...
Critical
Unreviewed
CVE-2018-18375
was published
May 13, 2022
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies,...
Critical
Unreviewed
CVE-2018-16239
was published
May 13, 2022
Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10...
Critical
Unreviewed
CVE-2017-16924
was published
May 13, 2022
A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen...
Critical
Unreviewed
CVE-2017-7902
was published
May 13, 2022
NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that...
Critical
Unreviewed
CVE-2018-17888
was published
May 13, 2022
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well...
Critical
Unreviewed
CVE-2019-0007
was published
May 13, 2022
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary...
Critical
Unreviewed
CVE-2018-18602
was published
May 13, 2022
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
Critical
Unreviewed
CVE-2019-9898
was published
May 13, 2022
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm...
Critical
Unreviewed
CVE-2019-9863
was published
May 13, 2022
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric...
Critical
Unreviewed
CVE-2019-0729
was published
May 13, 2022
A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs...
Critical
Unreviewed
CVE-2017-6026
was published
May 13, 2022
Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
Critical
Unreviewed
CVE-2013-4102
was published
May 5, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,...
Critical
Unreviewed
CVE-2022-25752
was published
Apr 13, 2022
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the...
Critical
Unreviewed
CVE-2022-27577
was published
Apr 12, 2022
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state...
Critical
Unreviewed
CVE-2022-26851
was published
Apr 9, 2022
The Rambus SafeZone Basic Crypto Module, as used in certain Fujifilm (formerly Fuji Xerox)...
Critical
Unreviewed
CVE-2022-26320
was published
Mar 15, 2022
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the...
Critical
Unreviewed
CVE-2021-20322
was published
Feb 19, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass...
Critical
Unreviewed
CVE-2021-36294
was published
Jan 27, 2022
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects...
Critical
Unreviewed
CVE-2022-23408
was published
Jan 19, 2022
ProTip!
Advisories are also available from the
GraphQL API