Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23 advisories

Loading
Philips Hue Bridge HomeKit Accessory Protocol Static Nonce Authentication Bypass Vulnerability.... High Unreviewed
CVE-2026-3559 was published Mar 16, 2026
A flaw was found in Libsoup. The server-side digest authentication implementation in the... Moderate Unreviewed
CVE-2026-3099 was published Mar 12, 2026
HCL MyXalytics v6.7 is affected by improper management of a static JWT signing secret in the web... High Unreviewed
CVE-2025-59870 was published Jan 16, 2026
Cryptographic issue may occur while encrypting license data. High Unreviewed
CVE-2025-47345 was published Jan 7, 2026
Due to Nonce reuse, attackers can perform reply attack or decrypt captured packets. High Unreviewed
CVE-2025-61739 was published Dec 22, 2025
Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14... Moderate Unreviewed
CVE-2025-46632 was published May 2, 2025
In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX... Moderate Unreviewed
CVE-2022-37660 was published Feb 12, 2025
The authentication process to the web server uses a challenge response procedure which inludes... Moderate Unreviewed
CVE-2024-11022 was published Dec 6, 2024
Reusing a nonce, key pair in encryption issue exists in "FreeFrom - the nostr client" App... Moderate Unreviewed
CVE-2024-36289 was published Jun 17, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless... Moderate Unreviewed
CVE-2023-7003 was published Mar 15, 2024
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA... High Unreviewed
CVE-2022-24401 was published Oct 19, 2023
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2... Moderate Unreviewed
CVE-2020-1759 was published May 24, 2022
Metasys? ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 make use of a shared RSA key pair... Critical Unreviewed
CVE-2019-7593 was published May 24, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity... Moderate Unreviewed
CVE-2017-13088 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)... Moderate Unreviewed
CVE-2017-13084 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup ... Moderate Unreviewed
CVE-2017-13086 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13081 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the... High Unreviewed
CVE-2017-13082 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the... Moderate Unreviewed
CVE-2017-13079 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13078 was published May 13, 2022
A "Reusing a Nonce, Key Pair in Encryption" issue was discovered in Rockwell Automation Allen... Critical Unreviewed
CVE-2017-7902 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK)... Moderate Unreviewed
CVE-2017-13080 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database