GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,405

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

194 advisories

Filter by severity

Sort by

Least recently updated

A Padding Oracle exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and... Moderate Unreviewed

CVE-2017-10668 was published May 13, 2022

Beckhoff TwinCAT 3 supports communication over ADS. ADS is a protocol for industrial automation... Moderate Unreviewed

CVE-2017-16718 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses... Moderate Unreviewed

CVE-2017-1571 was published May 13, 2022

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses... Moderate Unreviewed

CVE-2017-1575 was published May 13, 2022

IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than... Moderate Unreviewed

CVE-2018-1428 was published May 13, 2022

Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60.9, 11.1 before build 60.14... Moderate Unreviewed

CVE-2019-6485 was published May 13, 2022

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector could crash. This was... Moderate Unreviewed

CVE-2019-5719 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected... Moderate Unreviewed

CVE-2018-1996 was published May 13, 2022

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0735 was published May 13, 2022

The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel... Moderate Unreviewed

CVE-2018-0734 was published May 13, 2022

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM... Moderate Unreviewed

CVE-2018-10846 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10844 was published May 13, 2022

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen... Moderate Unreviewed

CVE-2018-10845 was published May 13, 2022

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state... Moderate Unreviewed

CVE-2015-2808 was published May 13, 2022

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side... Moderate Unreviewed

CVE-2018-0737 was published May 13, 2022

On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL... Moderate Unreviewed

CVE-2019-6593 was published May 13, 2022

Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an... Moderate Unreviewed

CVE-2019-5754 was published May 13, 2022

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA... Moderate Unreviewed

CVE-2018-11069 was published May 13, 2022

RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a... Moderate Unreviewed

CVE-2018-11070 was published May 13, 2022

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication... Moderate Unreviewed

CVE-2019-7006 was published May 13, 2022

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x... Moderate Unreviewed

CVE-2018-11057 was published May 13, 2022

In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to... Moderate Unreviewed

CVE-2022-20117 was published May 11, 2022

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and... Moderate Unreviewed

CVE-2013-1053 was published May 5, 2022

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C... Moderate Unreviewed

CVE-2013-2213 was published May 5, 2022

The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,... Moderate Unreviewed

CVE-2009-2273 was published May 2, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

194 advisories