GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,352

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

462 advisories

Filter by severity

Sort by

Least recently updated

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL... Moderate Unreviewed

CVE-2019-6593 was published May 13, 2022

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored... High Unreviewed

CVE-2019-7673 was published May 13, 2022

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio... Critical Unreviewed

CVE-2019-9483 was published May 13, 2022

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side... Moderate Unreviewed

CVE-2018-0737 was published May 13, 2022

The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container... High Unreviewed

CVE-2019-3818 was published May 13, 2022

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state... Moderate Unreviewed

CVE-2015-2808 was published May 13, 2022

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM... Moderate Unreviewed

CVE-2018-10846 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10844 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10845 was published May 13, 2022

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0735 was published May 13, 2022

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0734 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed

CVE-2018-1996 was published May 13, 2022

An issue was discovered in iDashboards 9.6b. The SSO implementation is affected by a weak... High Unreviewed

CVE-2018-7211 was published May 13, 2022

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles... High Unreviewed

CVE-2019-0688 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed

CVE-2019-5719 was published May 13, 2022

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed

CVE-2019-6485 was published May 13, 2022

cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly... High Unreviewed

CVE-2018-6829 was published May 13, 2022

A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain... High Unreviewed

CVE-2019-7477 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed

CVE-2019-1828 was published May 13, 2022

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL... High Unreviewed

CVE-2018-5458 was published May 13, 2022

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed

CVE-2018-1428 was published May 13, 2022

The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does... High Unreviewed

CVE-2017-5243 was published May 13, 2022

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed

CVE-2017-1575 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed

CVE-2017-1571 was published May 13, 2022

Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation... Moderate Unreviewed

CVE-2017-16718 was published May 13, 2022

Previous 1 2 3 4 5 6 7 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

462 advisories