Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

104 advisories

Loading
A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while... Moderate Unreviewed
CVE-2019-12821 was published May 24, 2022
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include... Moderate Unreviewed
CVE-2019-1549 was published May 24, 2022
The token generator in index.php in Centreon Web before 2.8.27 is predictable. Moderate Unreviewed
CVE-2019-17105 was published May 24, 2022
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device... Moderate Unreviewed
CVE-2019-18282 was published May 24, 2022
The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in... Moderate Unreviewed
CVE-2020-7241 was published May 24, 2022
An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of... Moderate Unreviewed
CVE-2018-19441 was published May 24, 2022
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2... Moderate Unreviewed
CVE-2020-1759 was published May 24, 2022
React Native Bluetooth Scan in Bluezone 1.0.0 uses six-character alphanumeric IDs, which might... Moderate Unreviewed
CVE-2020-12270 was published May 24, 2022
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2020-13817 was published May 24, 2022
The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the... Moderate Unreviewed
CVE-2020-10274 was published May 24, 2022
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain... Moderate Unreviewed
CVE-2020-16166 was published May 24, 2022
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute... Moderate Unreviewed
CVE-2020-15023 was published May 24, 2022
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface... Moderate Unreviewed
CVE-2020-17470 was published May 24, 2022
In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of... Moderate Unreviewed
CVE-2021-0375 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote... Moderate Unreviewed
CVE-2021-25375 was published May 24, 2022
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All... Moderate Unreviewed
CVE-2021-25677 was published May 24, 2022
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (versions... Moderate Unreviewed
CVE-2021-27393 was published May 24, 2022
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing... Moderate Unreviewed
CVE-2021-26909 was published May 24, 2022
The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and... Moderate Unreviewed
CVE-2021-23020 was published May 24, 2022
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed
CVE-2021-27499 was published May 24, 2022
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of... Moderate Unreviewed
CVE-2021-25444 was published May 24, 2022
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All... Moderate Unreviewed
CVE-2021-37186 was published May 24, 2022
Weak private key generation in SSH.NET Moderate
CVE-2022-29245 was published for SSH.NET (NuGet) Jun 1, 2022
yaumn-synacktiv
totd before 1.5.3 does not properly randomize mesg IDs. Moderate Unreviewed
CVE-2022-34295 was published Jun 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database