GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
72 advisories
Filter by severity
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to...
Low
Unreviewed
CVE-2022-25817
was published
Mar 11, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key...
Low
Unreviewed
CVE-2021-36368
was published
Mar 14, 2022
An authentication issue was addressed with improved state management. This issue is fixed in...
Low
Unreviewed
CVE-2022-22656
was published
Mar 19, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and...
Low
Unreviewed
CVE-2018-25030
was published
Mar 29, 2022
Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get...
Low
Unreviewed
CVE-2022-25833
was published
Apr 12, 2022
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1...
Low
Unreviewed
CVE-2003-1570
was published
Apr 29, 2022
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to...
Low
Unreviewed
CVE-2002-0507
was published
Apr 30, 2022
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication...
Low
Unreviewed
CVE-2007-6385
was published
May 1, 2022
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC...
Low
Unreviewed
CVE-2009-4409
was published
May 2, 2022
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured...
Low
Unreviewed
CVE-2010-0014
was published
May 2, 2022
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly...
Low
Unreviewed
CVE-2009-0591
was published
May 3, 2022
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before...
Low
Unreviewed
CVE-2009-1905
was published
May 3, 2022
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to...
Low
Unreviewed
CVE-2022-28790
was published
May 4, 2022
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not...
Low
Unreviewed
CVE-2013-0540
was published
May 5, 2022
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices...
Low
Unreviewed
CVE-2018-8862
was published
May 13, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android....
Low
Unreviewed
CVE-2018-12446
was published
May 14, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android....
Low
Unreviewed
CVE-2018-12445
was published
May 14, 2022
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0...
Low
Unreviewed
CVE-2014-6148
was published
May 17, 2022
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before...
Low
Unreviewed
CVE-2013-5429
was published
May 17, 2022
The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly...
Low
Unreviewed
CVE-2013-3659
was published
May 17, 2022
The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfillment Solution 8.0 before...
Low
Unreviewed
CVE-2013-0578
was published
May 17, 2022
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly...
Low
Unreviewed
CVE-2012-3741
was published
May 17, 2022
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before...
Low
Unreviewed
CVE-2012-2377
was published
May 17, 2022
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly...
Low
Unreviewed
CVE-2011-0279
was published
May 17, 2022
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain...
Low
Unreviewed
CVE-2010-4211
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API