Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

180 advisories

Loading
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator High
CVE-2018-1000180 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 16, 2018
Unauthenticated crypto and weak IV in Magento\Framework\Encryption High
CVE-2016-6485 was published for magento/community-edition (Composer) Nov 20, 2019
Missing Required Cryptographic Step Leading to Sensitive Information Disclosure in TYPO3 CMS High
CVE-2020-15098 was published for typo3/cms (Composer) Jul 29, 2020
ohader
Python-RSA decryption of ciphertext leads to DoS High
CVE-2020-13757 was published for rsa (pip) Mar 24, 2021
Timing attacks in python-rsa High
CVE-2020-25658 was published for rsa (pip) Apr 30, 2021
Use of a Broken or Risky Cryptographic Algorithm in Terraform High
CVE-2019-19316 was published for github.com/hashicorp/terraform (Go) May 18, 2021
Incorrect implementation of the Streebog hash functions in streebog High
CVE-2019-25006 was published for streebog (Rust) Aug 25, 2021
Security issues in AWS KMS and AWS Encryption SDKs: in-band protocol negotiation and robustness High
CVE-2020-8897 was published for aws-encryption-sdk (Maven) Oct 12, 2021
thaidn
Improper hashing in enrocrypt High
CVE-2021-39182 was published for enrocrypt (pip) Nov 10, 2021
Inadequate Encryption Strength in Apache NiFi High
CVE-2020-9491 was published for org.apache.nifi:nifi (Maven) Jan 6, 2022
Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy High
CVE-2021-42583 was published for github.com/foxcpp/maddy (Go) Jan 6, 2022
Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL High Unreviewed
CVE-2020-25694 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API