Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,989
Maven
5,000+
npm
3,705
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

72 advisories

Loading
Improper authentication in One UI Home prior to SMR Mar-2022 Release 1 allows attacker to... Low Unreviewed
CVE-2022-25817 was published Mar 11, 2022
** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key... Low Unreviewed
CVE-2021-36368 was published Mar 14, 2022
An authentication issue was addressed with improved state management. This issue is fixed in... Low Unreviewed
CVE-2022-22656 was published Mar 19, 2022
A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and... Low Unreviewed
CVE-2018-25030 was published Mar 29, 2022
Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get... Low Unreviewed
CVE-2022-25833 was published Apr 12, 2022
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1... Low Unreviewed
CVE-2003-1570 was published Apr 29, 2022
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to... Low Unreviewed
CVE-2002-0507 was published Apr 30, 2022
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication... Low Unreviewed
CVE-2007-6385 was published May 1, 2022
The (1) CHAP and (2) MS-CHAP-V2 authentication capabilities in the PPP Access Concentrator (PPPAC... Low Unreviewed
CVE-2009-4409 was published May 2, 2022
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured... Low Unreviewed
CVE-2010-0014 was published May 2, 2022
The CMS_verify function in OpenSSL 0.9.8h through 0.9.8j, when CMS is enabled, does not properly... Low Unreviewed
CVE-2009-0591 was published May 3, 2022
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before... Low Unreviewed
CVE-2009-1905 was published May 3, 2022
Improper authentication in Link to Windows Service prior to version 2.3.04.1 allows attacker to... Low Unreviewed
CVE-2022-28790 was published May 4, 2022
IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.0.2, when SSL is not... Low Unreviewed
CVE-2013-0540 was published May 5, 2022
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices... Low Unreviewed
CVE-2018-8862 was published May 13, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.... Low Unreviewed
CVE-2018-12446 was published May 14, 2022
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.... Low Unreviewed
CVE-2018-12445 was published May 14, 2022
IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.0.0 through 7.2.0.10, 7.2.1.0... Low Unreviewed
CVE-2014-6148 was published May 17, 2022
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before... Low Unreviewed
CVE-2013-5429 was published May 17, 2022
The NTT DOCOMO overseas usage application 2.0.0 through 2.0.4 for Android does not properly... Low Unreviewed
CVE-2013-3659 was published May 17, 2022
The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfillment Solution 8.0 before... Low Unreviewed
CVE-2013-0578 was published May 17, 2022
The Restrictions (aka Parental Controls) implementation in Apple iOS before 6 does not properly... Low Unreviewed
CVE-2012-3741 was published May 17, 2022
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before... Low Unreviewed
CVE-2012-2377 was published May 17, 2022
HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 does not properly... Low Unreviewed
CVE-2011-0279 was published May 17, 2022
The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain... Low Unreviewed
CVE-2010-4211 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database