GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
452 advisories
Filter by severity
A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and...
Moderate
Unreviewed
CVE-2017-10668
was published
May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) Server uses weak encryption...
Moderate
Unreviewed
CVE-2017-1339
was published
May 13, 2022
IBM Security Guardium 10.0 Database Activity Monitor uses weaker than expected cryptographic...
High
Unreviewed
CVE-2017-1598
was published
May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to...
High
Unreviewed
CVE-2017-15997
was published
May 13, 2022
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static...
High
Unreviewed
CVE-2017-15998
was published
May 13, 2022
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67...
Moderate
Unreviewed
CVE-2017-17382
was published
May 13, 2022
Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote...
High
Unreviewed
CVE-2017-17428
was published
May 13, 2022
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server...
Critical
Unreviewed
CVE-2017-4917
was published
May 13, 2022
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8...
High
Unreviewed
CVE-2017-5186
was published
May 13, 2022
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an...
Moderate
Unreviewed
CVE-2017-8157
was published
May 13, 2022
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface,...
High
Unreviewed
CVE-2017-9136
was published
May 13, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use...
Critical
Unreviewed
CVE-2017-9859
was published
May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary...
High
Unreviewed
CVE-2018-10084
was published
May 13, 2022
** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on...
High
Unreviewed
CVE-2018-11209
was published
May 13, 2022
Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware...
Moderate
Unreviewed
CVE-2018-15355
was published
May 13, 2022
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and...
Moderate
Unreviewed
CVE-2018-16806
was published
May 13, 2022
WebExtensions with the appropriate permissions can attach content scripts to Mozilla sites such...
Moderate
Unreviewed
CVE-2018-5152
was published
May 13, 2022
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker...
Moderate
Unreviewed
CVE-2018-7959
was published
May 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
High
CVE-2015-0226
was published
for
org.apache.ws.security:wss4j
(Maven)
May 14, 2022
BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash.
Moderate
Unreviewed
CVE-2018-18587
was published
May 14, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which...
Critical
Unreviewed
CVE-2016-6602
was published
May 14, 2022
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.
High
Unreviewed
CVE-2018-12420
was published
May 14, 2022
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to...
High
Unreviewed
CVE-2018-10831
was published
May 14, 2022
Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database...
High
Unreviewed
CVE-2018-6619
was published
May 14, 2022
DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability....
Moderate
Unreviewed
CVE-2017-15326
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API