GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
436 advisories
IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,...
Moderate | Unreviewed | CVE-2016-3034 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue...
Moderate | Unreviewed | CVE-2016-4685 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected...
Moderate | Unreviewed | CVE-2020-10919 was published May 24, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software...
Moderate | Unreviewed | CVE-2015-8085 was published May 17, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software...
Moderate | Unreviewed | CVE-2015-8086 was published May 17, 2022

The user and password database is exposed by an unprotected web server resource. Passwords are...
High | Unreviewed | CVE-2021-23855 was published May 24, 2022

The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a...
Critical | Unreviewed | CVE-2021-42949 was published Sep 17, 2022

DES cipher, which has inadequate encryption strength, is used in Hitachi Energy FOXMAN-UN to encrypt...
Moderate | Unreviewed | CVE-2021-40341 was published Jan 6, 2023

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through...
Moderate | Unreviewed | CVE-2020-16235 was published May 20, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic...
Moderate | Unreviewed | CVE-2019-4339 was published May 24, 2022

The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure ...
High | Unreviewed | CVE-2019-10639 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open...
Low | Unreviewed | CVE-2022-46825 was published Dec 8, 2022

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is...
High | Unreviewed | CVE-2019-14332 was published May 24, 2022

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values...
Moderate | Unreviewed | CVE-2019-10638 was published May 24, 2022

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it...
Moderate | Unreviewed | CVE-2019-15947 was published May 24, 2022

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub...
Moderate | Unreviewed | CVE-2019-14664 was published May 24, 2022

The Infinite Design application 3.4.12 for Android sends a username and password via TCP without...
Moderate | Unreviewed | CVE-2019-17356 was published May 24, 2022

Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High | Unreviewed | CVE-2019-8237 was published May 24, 2022

A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle...
Moderate | Unreviewed | CVE-2019-1338 was published May 24, 2022

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,...
Moderate | Unreviewed | CVE-2020-25685 was published May 24, 2022

A flaw was found in the way certificate signatures could be forged using collisions found in the...
Moderate | Unreviewed | CVE-2019-14855 was published May 24, 2022

An issue was discovered in Intesync Solismed 3.3sp1. A flaw in the encryption implementation...
Moderate | Unreviewed | CVE-2019-17428 was published May 24, 2022

The Bitwarden server through 1.32.0 has a potentially unwanted KDF.
Moderate | Unreviewed | CVE-2019-19766 was published May 24, 2022

An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a...
Moderate | Unreviewed | CVE-2019-8772 was published May 24, 2022

In affected versions of Octopus Server it was identified that the same encryption process was...
Moderate | Unreviewed | CVE-2022-2781 was published Oct 6, 2022