Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which... Moderate Unreviewed
CVE-2022-44795 was published Nov 7, 2022
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (versions... Moderate Unreviewed
CVE-2021-27393 was published May 24, 2022
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote... Moderate Unreviewed
CVE-2021-25375 was published May 24, 2022
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing... Moderate Unreviewed
CVE-2021-26909 was published May 24, 2022
The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and... Moderate Unreviewed
CVE-2021-23020 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All... Moderate Unreviewed
CVE-2021-37186 was published May 24, 2022
A misconfiguration of RSA in PingID Android app prior to 1.19 is vulnerable to pre-computed... Moderate Unreviewed
CVE-2021-41993 was published May 3, 2022
A misconfiguration of RSA in PingID iOS app prior to 1.19 is vulnerable to pre-computed... Moderate Unreviewed
CVE-2021-41994 was published May 3, 2022
Insufficient Entropy in Spring Security Moderate
CVE-2020-5408 was published for org.springframework.security:spring-security-core (Maven) Jun 15, 2020
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x... Moderate Unreviewed
CVE-2015-3963 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13080 was published May 13, 2022
Weak JSON Web Token in yapi-vendor Moderate
CVE-2021-27884 was published for yapi-vendor (npm) Mar 26, 2021
Use of Cryptographically Weak Pseudo-Random Number Generator in yiisoft/yii2-dev Moderate
CVE-2021-3692 was published for yiisoft/yii2-dev (Composer) Sep 1, 2021
Use of insufficiently random values vulnerability in SYNO.Encryption.GenRandomKey in Synology... Moderate Unreviewed
CVE-2018-13280 was published May 13, 2022
Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared... Moderate Unreviewed
CVE-2018-1279 was published May 13, 2022
A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to... Moderate Unreviewed
CVE-2017-12361 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13078 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ... Moderate Unreviewed
CVE-2017-13086 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK)... Moderate Unreviewed
CVE-2017-13077 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)... Moderate Unreviewed
CVE-2017-13084 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group... Moderate Unreviewed
CVE-2017-13087 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13079 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13081 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity... Moderate Unreviewed
CVE-2017-13088 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database