Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

417 advisories

Loading
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... High Unreviewed
CVE-2020-29063 was published May 24, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references,... High Unreviewed
CVE-2020-7565 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that... High Unreviewed
CVE-2020-26552 was published May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30... Moderate Unreviewed
CVE-2020-8761 was published May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with... Moderate Unreviewed
CVE-2020-9128 was published May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed... Moderate Unreviewed
CVE-2020-5943 was published May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels... Moderate Unreviewed
CVE-2020-5938 was published May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020... Moderate Unreviewed
CVE-2020-27181 was published May 24, 2022
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software... High Unreviewed
CVE-2020-3549 was published May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode... Moderate Unreviewed
CVE-2020-7069 was published May 24, 2022
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561). High Unreviewed
CVE-2020-26107 was published May 24, 2022
In various functions in fscrypt_ice.c and related files in some implementations of f2fs... Moderate Unreviewed
CVE-2020-0407 was published May 24, 2022
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker... High Unreviewed
CVE-2020-24925 was published May 24, 2022
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory... Critical Unreviewed
CVE-2020-11684 was published May 24, 2022
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed
CVE-2020-1968 was published May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2020-10919 was published May 24, 2022
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular... Moderate Unreviewed
CVE-2020-11735 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength. High Unreviewed
CVE-2020-13785 was published May 24, 2022
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed
CVE-2020-12872 was published May 24, 2022
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access... Moderate Unreviewed
CVE-2020-9315 was published May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP... Moderate Unreviewed
CVE-2020-5886 was published May 24, 2022
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5... Moderate Unreviewed
CVE-2020-5884 was published May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP... Moderate Unreviewed
CVE-2020-5885 was published May 24, 2022
A missing secure communication definition and an incomplete TLS validation in the upgrade service... Moderate Unreviewed
CVE-2019-19101 was published May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector... High Unreviewed
CVE-2020-11877 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database