Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

86 advisories

Loading
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank... Low Unreviewed
CVE-2013-2310 was published May 17, 2022
The Verizon Wireless Network Extender SCS-26UC4 and SCS-2U01 does not use CAVE authentication,... Low Unreviewed
CVE-2013-4877 was published May 17, 2022
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics... Low Unreviewed
CVE-2013-2102 was published May 17, 2022
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass... Low Unreviewed
CVE-2013-7292 was published May 17, 2022
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9,... Low Unreviewed
CVE-2014-0348 was published May 17, 2022
The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages... Low Unreviewed
CVE-2012-3520 was published May 17, 2022
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39,... Low Unreviewed
CVE-2015-2047 was published May 17, 2022
Improper Authentication in Apache Hadoop Low
CVE-2013-2192 was published for org.apache.hadoop:hadoop-common (Maven) May 17, 2022
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain... Low Unreviewed
CVE-2010-4211 was published May 17, 2022
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly... Low Unreviewed
CVE-2011-0279 was published May 17, 2022
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before... Low Unreviewed
CVE-2012-2377 was published May 17, 2022
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly... Low Unreviewed
CVE-2012-3741 was published May 17, 2022
The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfillment Solution 8.0 before... Low Unreviewed
CVE-2013-0578 was published May 17, 2022
The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly... Low Unreviewed
CVE-2013-3659 was published May 17, 2022
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before... Low Unreviewed
CVE-2013-5429 was published May 17, 2022
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0... Low Unreviewed
CVE-2014-6148 was published May 17, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.... Low Unreviewed
CVE-2018-12445 was published May 14, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.... Low Unreviewed
CVE-2018-12446 was published May 14, 2022
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices... Low Unreviewed
CVE-2018-8862 was published May 13, 2022
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not... Low Unreviewed
CVE-2013-0540 was published May 5, 2022
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to... Low Unreviewed
CVE-2022-28790 was published May 4, 2022
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before... Low Unreviewed
CVE-2009-1905 was published May 3, 2022
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly... Low Unreviewed
CVE-2009-0591 was published May 3, 2022
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured... Low Unreviewed
CVE-2010-0014 was published May 2, 2022
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC... Low Unreviewed
CVE-2009-4409 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database