Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields,... Moderate Unreviewed
CVE-2024-10604 was published Jan 30, 2025
A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0.... Moderate Unreviewed
CVE-2025-6931 was published Jul 1, 2025
An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which... Moderate Unreviewed
CVE-2022-44795 was published Nov 7, 2022
ieGeek IG20 hipcam RealServer V1.0 is vulnerable to Incorrect Access Control. The algorithm used... Moderate Unreviewed
CVE-2022-38970 was published Sep 27, 2022
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2020-13817 was published May 24, 2022
A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to... Moderate Unreviewed
CVE-2017-12361 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ... Moderate Unreviewed
CVE-2017-13086 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13079 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13081 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity... Moderate Unreviewed
CVE-2017-13088 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13080 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)... Moderate Unreviewed
CVE-2017-13084 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group... Moderate Unreviewed
CVE-2017-13087 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK)... Moderate Unreviewed
CVE-2017-13077 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13078 was published May 13, 2022
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x... Moderate Unreviewed
CVE-2015-3963 was published May 13, 2022
A randomly generated Initialization Vector (IV) may lead to a collision of IVs with the same key... Moderate Unreviewed
CVE-2021-26407 was published Jan 11, 2023
ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim,... Moderate Unreviewed
CVE-2020-36252 was published May 24, 2022
SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses an insecure AES key to encrypt... Moderate Unreviewed
CVE-2024-50684 was published Feb 26, 2025
The WP Reset – Most Advanced WordPress Reset Tool plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2023-6799 was published Apr 9, 2024
TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure... Moderate Unreviewed
CVE-2024-22473 was published Feb 21, 2024
When batch jobs are executed by pgAgent, a script is created in a temporary directory and then... Moderate Unreviewed
CVE-2025-0218 was published Jan 7, 2025
Use of Insufficiently Random Values in undici Moderate
CVE-2025-22150 was published for undici (npm) Jan 21, 2025
mcollina parrot409
Use of Insufficiently Random Values vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3,... Moderate Unreviewed
CVE-2024-28013 was published Mar 28, 2024
crypto-js uses insecure random numbers Moderate
CVE-2020-36732 was published for crypto-js (npm) Jun 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database