GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
CLI does not correctly implement strict mode
Low
GHSA-2xwp-m7mq-7q3r
was published
for
aws-encryption-sdk-cli
(pip)
Oct 28, 2020
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by...
Low
Unreviewed
CVE-2020-12872
was published
May 24, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the...
Low
Unreviewed
CVE-2020-14263
was published
May 24, 2022
In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open...
Low
Unreviewed
CVE-2022-46825
was published
Dec 8, 2022
An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150...
Low
Unreviewed
CVE-2019-20775
was published
May 24, 2022
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static...
Low
Unreviewed
CVE-2018-17177
was published
May 13, 2022
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges....
Low
Unreviewed
CVE-2017-9635
was published
May 13, 2022
Discoverability of user password hash in Statamic CMS
Low
CVE-2022-24784
was published
for
statamic/cms
(Composer)
Mar 29, 2022
NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the...
Low
Unreviewed
CVE-2002-1682
was published
Apr 30, 2022
Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password"...
Low
Unreviewed
CVE-2002-1946
was published
Apr 30, 2022
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password...
Low
Unreviewed
CVE-2002-1975
was published
Apr 30, 2022
Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user...
Low
Unreviewed
CVE-2002-1739
was published
Apr 30, 2022
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 ...
Low
Unreviewed
CVE-2023-28896
was published
Dec 1, 2023
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low
Unreviewed
CVE-2024-30119
was published
Jun 15, 2024
Dozzle uses unsafe hash for passwords
Low
CVE-2024-47182
was published
for
github.com/amir20/dozzle
(Go)
Oct 9, 2024
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows...
Low
Unreviewed
CVE-2023-6728
was published
Oct 17, 2024
Apache Answer: Predictable Authorization Token Using UUIDv1
Low
CVE-2024-45719
was published
for
github.com/apache/incubator-answer
(Go)
Nov 22, 2024
ProTip!
Advisories are also available from the
GraphQL API