GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote...
Moderate
Unreviewed
CVE-2020-29536
was published
May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2021-20441
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4968
was published
May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
Moderate
Unreviewed
CVE-2021-25763
was published
May 24, 2022
Command Injection in Apache James
Moderate
CVE-2021-38542
was published
for
org.apache.james:james-server
(Maven)
Jan 8, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate
Unreviewed
CVE-2007-6755
was published
May 1, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,...
Moderate
Unreviewed
CVE-2021-40529
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms...
Moderate
Unreviewed
CVE-2021-3446
was published
May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords...
Moderate
Unreviewed
CVE-2021-33003
was published
May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40530
was published
May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40528
was published
May 24, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for...
Moderate
Unreviewed
CVE-2021-31352
was published
May 24, 2022
Information from SSL-encrypted sessions via PKCS #1.
Moderate
Unreviewed
CVE-1999-0007
was published
Apr 30, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a...
Moderate
Unreviewed
CVE-2022-27581
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a...
Moderate
Unreviewed
CVE-2022-46832
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46833
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46834
was published
Dec 13, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,...
Moderate
Unreviewed
CVE-2009-2273
was published
May 2, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-4610
was published
Dec 19, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and...
Moderate
Unreviewed
CVE-2013-1053
was published
May 5, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to...
Moderate
Unreviewed
CVE-2022-20117
was published
May 11, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11057
was published
May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication...
Moderate
Unreviewed
CVE-2019-7006
was published
May 13, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA...
Moderate
Unreviewed
CVE-2018-11069
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API