GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,322
Composer 4,131
Erlang 29
GitHub Actions 19
Go 1,936
Maven 5,131
npm 3,676
NuGet 642
pip 3,292
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,502

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

44 advisories

Filter by severity

Sort by

Least recently updated

The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the... Critical Unreviewed

CVE-2022-27577 was published Apr 12, 2022

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state... Critical Unreviewed

CVE-2022-26851 was published Apr 9, 2022

A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... Critical Unreviewed

CVE-2022-25752 was published Apr 13, 2022

Prima Systems FlexAir devices allow unauthenticated download of the database configuration backup... Critical Unreviewed

CVE-2019-7667 was published May 24, 2022

Multiple W&T products of the Comserver Series use a small number space for allocating sessions... Critical Unreviewed

CVE-2022-42787 was published Nov 10, 2022

A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the... Critical Unreviewed

CVE-2021-20322 was published Feb 19, 2022

A vulnerability has been identified in SCALANCE X200-4P IRT (All versions), SCALANCE X200-4P IRT ... Critical Unreviewed

CVE-2022-26647 was published Jul 13, 2022

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, ... Critical Unreviewed

CVE-2020-35163 was published Jul 12, 2022

A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that... Critical Unreviewed

CVE-2020-25705 was published May 24, 2022

An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict... Critical Unreviewed

CVE-2022-30935 was published Sep 29, 2022

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and... Critical Unreviewed

CVE-2020-7548 was published May 24, 2022

An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ... Critical Unreviewed

CVE-2020-35685 was published May 24, 2022

Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed

CVE-2021-34646 was published May 24, 2022

A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs... Critical Unreviewed

CVE-2017-6026 was published May 13, 2022

Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm... Critical Unreviewed

CVE-2019-9863 was published May 13, 2022

An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric... Critical Unreviewed

CVE-2019-0729 was published May 13, 2022

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. Critical Unreviewed

CVE-2019-9898 was published May 13, 2022

The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary... Critical Unreviewed

CVE-2018-18602 was published May 13, 2022

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well... Critical Unreviewed

CVE-2019-0007 was published May 13, 2022

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that... Critical Unreviewed

CVE-2018-17888 was published May 13, 2022

A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen... Critical Unreviewed

CVE-2017-7902 was published May 13, 2022

Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10... Critical Unreviewed

CVE-2017-16924 was published May 13, 2022

An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies,... Critical Unreviewed

CVE-2018-16239 was published May 13, 2022

goform/getProfileList in Orange AirBox Y858_FL_01.16_04 allows attackers to extract APN data ... Critical Unreviewed

CVE-2018-18375 was published May 13, 2022

wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situations. This affects... Critical Unreviewed

CVE-2022-23408 was published Jan 19, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

44 advisories