Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

177 advisories

Loading
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular... Moderate Unreviewed
CVE-2020-11735 was published May 24, 2022
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access... Moderate Unreviewed
CVE-2020-9315 was published May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP... Moderate Unreviewed
CVE-2020-5885 was published May 24, 2022
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5... Moderate Unreviewed
CVE-2020-5884 was published May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP... Moderate Unreviewed
CVE-2020-5886 was published May 24, 2022
A missing secure communication definition and an incomplete TLS validation in the upgrade service... Moderate Unreviewed
CVE-2019-19101 was published May 24, 2022
A weak encryption vulnerability in Mitel MiVoice Connect Client before 214.100.1214.0 could allow... Moderate Unreviewed
CVE-2020-10377 was published May 24, 2022
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection... Moderate Unreviewed
CVE-2019-19097 was published May 24, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and... Moderate Unreviewed
CVE-2020-9770 was published May 24, 2022
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1... Moderate Unreviewed
CVE-2020-5860 was published May 24, 2022
A flaw was found in the way certificate signatures could be forged using collisions found in the... Moderate Unreviewed
CVE-2019-14855 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR... Moderate Unreviewed
CVE-2019-19299 was published May 24, 2022
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an... Moderate Unreviewed
CVE-2019-19891 was published May 24, 2022
An issue existed in the handling of links in encrypted PDFs. This issue was addressed by adding a... Moderate Unreviewed
CVE-2019-8772 was published May 24, 2022
The Bitwarden server through 1.32.0 has a potentially unwanted KDF. Moderate Unreviewed
CVE-2019-19766 was published May 24, 2022
An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the encryption implementation... Moderate Unreviewed
CVE-2019-17428 was published May 24, 2022
The Infinite Design application 3.4.12 for Android sends a username and password via TCP without... Moderate Unreviewed
CVE-2019-17356 was published May 24, 2022
A security feature bypass vulnerability exists in Microsoft Windows when a man-in-the-middle... Moderate Unreviewed
CVE-2019-1338 was published May 24, 2022
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed
CVE-2019-15947 was published May 24, 2022
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed
CVE-2019-14664 was published May 24, 2022
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values... Moderate Unreviewed
CVE-2019-10638 was published May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses... Moderate Unreviewed
CVE-2019-4102 was published May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4151 was published May 24, 2022
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through... Moderate Unreviewed
CVE-2020-16235 was published May 20, 2022
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed
CVE-2015-8086 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database