Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

249 advisories

Loading
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)... Moderate Unreviewed
CVE-2017-13084 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the... High Unreviewed
CVE-2017-13082 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group... Moderate Unreviewed
CVE-2017-13087 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13079 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13081 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity... Moderate Unreviewed
CVE-2017-13088 was published May 13, 2022
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380... High Unreviewed
CVE-2017-15654 was published May 13, 2022
wp-admin/user-new.php in WordPress before 4.9.1 sets the newbloguser key to a string that can be... High Unreviewed
CVE-2017-17091 was published May 13, 2022
Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10... Critical Unreviewed
CVE-2017-16924 was published May 13, 2022
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569... High Unreviewed
CVE-2017-17704 was published May 13, 2022
On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single... Moderate Unreviewed
CVE-2017-17910 was published May 13, 2022
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies,... Critical Unreviewed
CVE-2018-16239 was published May 13, 2022
POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be... High Unreviewed
CVE-2018-15807 was published May 13, 2022
An issue was discovered on Sigma Design Z-Wave S0 through S2 devices. An attacker first prepares... Moderate Unreviewed
CVE-2018-19983 was published May 13, 2022
goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data ... Critical Unreviewed
CVE-2018-18375 was published May 13, 2022
Use of Insufficiently Random Values exists in CODESYS V3 products versions prior V3.5.14.0. High Unreviewed
CVE-2018-20025 was published May 14, 2022
In random_get_bytes of random.c, there is a possible degradation of randomness due to an insecure... High Unreviewed
CVE-2019-1997 was published May 14, 2022
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum... High Unreviewed
CVE-2018-17987 was published May 14, 2022
Pivotal Operations Manager, versions 2.1 prior to 2.1.6 and 2.0 prior to 2.0.15 and 1.12 prior to... Moderate Unreviewed
CVE-2018-11045 was published May 14, 2022
Predictable SIF UUID Identifiers in github.com/sylabs/sif High
CVE-2021-29499 was published for github.com/sylabs/sif (Go) May 18, 2021
Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide... High Unreviewed
CVE-2022-30782 was published May 17, 2022
PWR-Q200 does not use random values for source ports of DNS query packets, which allows remote... High Unreviewed
CVE-2017-10874 was published May 17, 2022
wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects... Critical Unreviewed
CVE-2022-23408 was published Jan 19, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authentication bypass... Critical Unreviewed
CVE-2021-36294 was published Jan 27, 2022
CyberArk Identity versions up to and including 22.1 in the 'StartAuthentication' resource,... Moderate Unreviewed
CVE-2022-22700 was published Mar 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database