GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
417 advisories
Filter by severity
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
High
Unreviewed
CVE-2020-29063
was published
May 24, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references,...
High
Unreviewed
CVE-2020-7565
was published
May 24, 2022
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that...
High
Unreviewed
CVE-2020-26552
was published
May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30...
Moderate
Unreviewed
CVE-2020-8761
was published
May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with...
Moderate
Unreviewed
CVE-2020-9128
was published
May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate
Unreviewed
CVE-2020-5943
was published
May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels...
Moderate
Unreviewed
CVE-2020-5938
was published
May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020...
Moderate
Unreviewed
CVE-2020-27181
was published
May 24, 2022
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software...
High
Unreviewed
CVE-2020-3549
was published
May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode...
Moderate
Unreviewed
CVE-2020-7069
was published
May 24, 2022
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
High
Unreviewed
CVE-2020-26107
was published
May 24, 2022
In various functions in fscrypt_ice.c and related files in some implementations of f2fs...
Moderate
Unreviewed
CVE-2020-0407
was published
May 24, 2022
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker...
High
Unreviewed
CVE-2020-24925
was published
May 24, 2022
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory...
Critical
Unreviewed
CVE-2020-11684
was published
May 24, 2022
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being...
Moderate
Unreviewed
CVE-2020-1968
was published
May 24, 2022
This vulnerability allows remote attackers to disclose sensitive information on affected...
Moderate
Unreviewed
CVE-2020-10919
was published
May 24, 2022
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular...
Moderate
Unreviewed
CVE-2020-11735
was published
May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
High
Unreviewed
CVE-2020-13785
was published
May 24, 2022
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by...
Low
Unreviewed
CVE-2020-12872
was published
May 24, 2022
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access...
Moderate
Unreviewed
CVE-2020-9315
was published
May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP...
Moderate
Unreviewed
CVE-2020-5886
was published
May 24, 2022
On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5...
Moderate
Unreviewed
CVE-2020-5884
was published
May 24, 2022
On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP...
Moderate
Unreviewed
CVE-2020-5885
was published
May 24, 2022
A missing secure communication definition and an incomplete TLS validation in the upgrade service...
Moderate
Unreviewed
CVE-2019-19101
was published
May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector...
High
Unreviewed
CVE-2020-11877
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API