GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
188 advisories
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate | Unreviewed | CVE-2022-20941 was published Nov 16, 2022

A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1....
Moderate | Unreviewed | CVE-2022-3959 was published Nov 11, 2022

Multiple W&T products of the Comserver Series use a small number space for allocating sessions...
Critical | Unreviewed | CVE-2022-42787 was published Nov 10, 2022

An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which...
Moderate | Unreviewed | CVE-2022-44795 was published Nov 7, 2022

An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict...
Critical | Unreviewed | CVE-2022-30935 was published Sep 29, 2022

ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used...
Moderate | Unreviewed | CVE-2022-38970 was published Sep 27, 2022

In Samba, GnuTLS gnutls_rnd() can fail and give predictable random values.
Moderate | Unreviewed | CVE-2022-1615 was published Sep 2, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's...
High | Unreviewed | CVE-2022-37400 was published Aug 16, 2022

Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1...
High | Unreviewed | CVE-2022-30629 was published Aug 11, 2022

In Quest KACE Systems Management Appliance (SMA) through 12.0, predictable token generation...
High | Unreviewed | CVE-2022-29808 was published Aug 3, 2022

LibreOffice supports the storage of passwords for web connections in the user’s configuration...
High | Unreviewed | CVE-2022-26306 was published Jul 26, 2022

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT ...
Critical | Unreviewed | CVE-2022-26647 was published Jul 13, 2022

Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker...
Moderate | Unreviewed | CVE-2022-33707 was published Jul 13, 2022

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ...
Critical | Unreviewed | CVE-2020-35163 was published Jul 12, 2022

The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.
Moderate | Unreviewed | CVE-2022-25047 was published Jul 8, 2022

Use of insufficiently random values vulnerability exists in Vnet/IP communication module VI461 of...
High | Unreviewed | CVE-2022-32284 was published Jul 5, 2022

totd before 1.5.3 does not properly randomize mesg IDs.
Moderate | Unreviewed | CVE-2022-34295 was published Jun 24, 2022

ZTE's MF297D product has cryptographic issues vulnerability. Due to the use of weak random values...
High | Unreviewed | CVE-2022-23138 was published Jun 10, 2022

Persistent platform private key may not be protected with a random IV leading to a potential “two...
High | Unreviewed | CVE-2021-26322 was published May 24, 2022

On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then...
High | Unreviewed | CVE-2021-22038 was published May 24, 2022

A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All...
Moderate | Unreviewed | CVE-2021-37186 was published May 24, 2022

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are...
Critical | Unreviewed | CVE-2021-34646 was published May 24, 2022

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ...
Critical | Unreviewed | CVE-2020-35685 was published May 24, 2022

reNgine through 0.5 relies on a predictable directory name.
Critical | Unreviewed | CVE-2021-38606 was published May 24, 2022

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of...
Moderate | Unreviewed | CVE-2021-25444 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.