Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

253 advisories

Loading
A vulnerability, which was classified as problematic, was found in projectsend up to r1605.... Moderate Unreviewed
CVE-2024-7659 was published Aug 12, 2024
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow... Moderate Unreviewed
CVE-2024-42165 was published Aug 12, 2024
Information disclosure when ASLR relocates the IMEM and Secure DDR portions as one chunk in... High Unreviewed
CVE-2024-21460 was published Jul 1, 2024
iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th... High Unreviewed
CVE-2024-25943 was published Jun 29, 2024
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 (6ES7288-1CR40-0AA0) (All... High Unreviewed
CVE-2024-35292 was published Jun 11, 2024
ZendFramework Potential Information Disclosure and Insufficient Entropy vulnerabilities High
GHSA-xg9w-r469-m455 was published for zendframework/zendframework (Composer) Jun 7, 2024
The BuddyForms plugin for WordPress is vulnerable to Email Verification Bypass in all versions up... Moderate Unreviewed
CVE-2024-5149 was published Jun 5, 2024
MileSight DeviceHub - CWE-330 Use of Insufficiently Random Values may allow Authentication... Critical Unreviewed
CVE-2024-36389 was published Jun 2, 2024
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon... High Unreviewed
CVE-2020-1472 was published May 24, 2022
Froxlor guessable password reset token Critical
CVE-2016-5100 was published for froxlor/froxlor (Composer) May 17, 2022
Use of Insufficiently Random Values vulnerability in ABB Pulsar Plus System Controller NE843_S,... Moderate Unreviewed
CVE-2022-26080 was published Jul 6, 2023
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE... Critical Unreviewed
CVE-2022-46353 was published Dec 13, 2022
In Contiki 4.5, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27634 was published Oct 10, 2023
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of... High Unreviewed
CVE-2023-34353 was published Sep 5, 2023
In FNET 4.6.3, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27633 was published Oct 10, 2023
In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27630 was published Oct 10, 2023
In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27636 was published Oct 10, 2023
In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27631 was published Oct 10, 2023
In PicoTCP 1.7.0, TCP ISNs are improperly random. Critical Unreviewed
CVE-2020-27635 was published Oct 10, 2023
An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ... High Unreviewed
CVE-2020-27213 was published Oct 10, 2023
There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass... Critical Unreviewed
CVE-2023-39979 was published Sep 2, 2023
Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R... Moderate Unreviewed
CVE-2023-24478 was published Aug 15, 2023
Predictable Exact Value from Previous Values vulnerability in Mitsubishi Electric Corporation... Critical Unreviewed
CVE-2023-3373 was published Aug 4, 2023
Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow... Moderate Unreviewed
CVE-2022-43485 was published Jul 6, 2023
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of... High Unreviewed
CVE-2023-1385 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database