GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
192 advisories
Filter by severity
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet...
Moderate
Unreviewed
CVE-2011-3389
was published
May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6...
Moderate
Unreviewed
CVE-2018-1466
was published
May 13, 2022
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,...
Moderate
Unreviewed
CVE-2014-1491
was published
May 13, 2022
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100...
Moderate
Unreviewed
CVE-2018-5461
was published
May 13, 2022
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2018-1925
was published
May 13, 2022
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due...
Moderate
Unreviewed
CVE-2018-1593
was published
May 13, 2022
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability...
Moderate
Unreviewed
CVE-2018-1518
was published
May 13, 2022
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is...
Moderate
Unreviewed
CVE-2018-19001
was published
May 13, 2022
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc....
Moderate
Unreviewed
CVE-2017-5535
was published
May 13, 2022
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS...
Moderate
Unreviewed
CVE-2018-0131
was published
May 13, 2022
IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2017-1713
was published
May 13, 2022
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000...
Moderate
Unreviewed
CVE-2017-9645
was published
May 13, 2022
Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM)...
Moderate
Unreviewed
CVE-2017-3971
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue...
Moderate
Unreviewed
CVE-2017-2399
was published
May 13, 2022
comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL...
Moderate
Unreviewed
CVE-2018-6653
was published
May 13, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2017-1665
was published
May 14, 2022
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such...
Moderate
Unreviewed
CVE-2021-39272
was published
May 24, 2022
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the...
Moderate
Unreviewed
CVE-2016-6225
was published
May 14, 2022
IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash...
Moderate
Unreviewed
CVE-2014-0841
was published
May 14, 2022
IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for...
Moderate
Unreviewed
CVE-2015-4953
was published
May 14, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2018-1425
was published
May 14, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2017-1664
was published
May 14, 2022
Hash collision in typelevel jawn
Moderate
CVE-2022-21653
was published
for
org.typelevel:jawn-parser
(Maven)
Jan 6, 2022
IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to...
Moderate
Unreviewed
CVE-2019-4291
was published
Feb 17, 2022
Argus Surveillance DVR v4.0 employs weak password encryption.
Moderate
Unreviewed
CVE-2022-25012
was published
Mar 3, 2022
ProTip!
Advisories are also available from the
GraphQL API