Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

251 advisories

Loading
A vulnerability was found in Konga 2.8.3 on Kong. It has been classified as problematic. This... Low Unreviewed
CVE-2023-2418 was published Apr 29, 2023
Duplicate Advisory: Lemur subject to insecure random generation High
GHSA-r4xg-4wrv-w72h was published for lemur (pip) Apr 19, 2023 withdrawn
The hashing algorithm of ChurchCRM v4.5.3 utilizes a non-random salt value which allows attackers... High Unreviewed
CVE-2023-26855 was published Apr 4, 2023
Akuvox E11 contains a function that encrypts messages which are then forwarded. The IV vector and... High Unreviewed
CVE-2023-0343 was published Mar 31, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-43636 was published Mar 29, 2023
Lemur subject to insecure random generation High
CVE-2023-30797 was published for lemur (pip) Mar 1, 2023
kjsman
A vulnerability in the backup configuration feature of Cisco UCS Manager Software and in the... Moderate Unreviewed
CVE-2023-20016 was published Feb 23, 2023
KASAGO TCP/IP stack provided by Zuken Elmic generates ISNs(Initial Sequence Number) for TCP... Critical Unreviewed
CVE-2022-43501 was published Feb 10, 2023
Rancher cattle-token is predictable High
CVE-2022-43755 was published for github.com/rancher/rancher (Go) Jan 25, 2023
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39... Moderate Unreviewed
CVE-2023-22912 was published Jan 20, 2023
Nexpose and InsightVM virtual appliances downloaded between April 5th, 2017 and May 3rd, 2017... High Unreviewed
CVE-2017-5242 was published Jan 13, 2023
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version... High Unreviewed
CVE-2023-22601 was published Jan 13, 2023
A vulnerability has been found in Morgawr Muon 0.1.1 and classified as problematic. Affected by... High Unreviewed
CVE-2019-25089 was published Dec 27, 2022
A vulnerability, which was classified as problematic, has been found in fredsmith utils. This... Moderate Unreviewed
CVE-2021-4277 was published Dec 25, 2022
DNS NuGet package uses insufficiently random values Critical
CVE-2021-4248 was published for DNS (NuGet) Dec 18, 2022
A vulnerability has been identified in SCALANCE X204RNA (HSR) (All versions < V3.2.7), SCALANCE... Critical Unreviewed
CVE-2022-46353 was published Dec 13, 2022
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2022-20941 was published Nov 16, 2022
Insufficient Entropy in PHPServerMon PRNG Moderate
CVE-2021-4240 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
PHPServerMon PRNG has Insufficient Entropy Moderate
CVE-2021-4241 was published for phpservermon/phpservermon (Composer) Nov 16, 2022
A vulnerability, which was classified as problematic, has been found in drogon up to 1.8.1.... Moderate Unreviewed
CVE-2022-3959 was published Nov 11, 2022
Use of unclaimed s3 bucket in tests and examples Moderate
CVE-2022-36022 was published for org.deeplearning4j:dl4j-examples (Maven) Nov 10, 2022
draco1725
Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed
CVE-2022-42787 was published Nov 10, 2022
An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which... Moderate Unreviewed
CVE-2022-44795 was published Nov 7, 2022
An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict... Critical Unreviewed
CVE-2022-30935 was published Sep 29, 2022
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used... Moderate Unreviewed
CVE-2022-38970 was published Sep 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database