GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,255

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

192 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function... Moderate Unreviewed

CVE-2021-23126 was published May 24, 2022

Using techniques that built on the slipstream research, a malicious webpage could have scanned... Moderate Unreviewed

CVE-2021-23982 was published May 24, 2022

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed

CVE-2020-24587 was published May 24, 2022

The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed

CVE-2020-27184 was published May 24, 2022

The flash read-out protection (RDP) level is not enforced during the device initialization phase... Moderate Unreviewed

CVE-2020-27208 was published May 24, 2022

In VOS compromised, an attacker at network endpoints can possibly view communications between an... Moderate Unreviewed

CVE-2018-16499 was published May 24, 2022

Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed

CVE-2021-25392 was published May 24, 2022

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed

CVE-2021-31615 was published May 24, 2022

SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed

CVE-2021-32496 was published May 24, 2022

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed

CVE-2021-20369 was published May 24, 2022

A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS,... Moderate Unreviewed

CVE-2021-36769 was published May 24, 2022

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed

CVE-2021-37587 was published May 24, 2022

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data. Moderate Unreviewed

CVE-2021-37588 was published May 24, 2022

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed

CVE-2021-37551 was published May 24, 2022

In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment... Moderate Unreviewed

CVE-2021-37540 was published May 24, 2022

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed

CVE-2021-37546 was published May 24, 2022

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed

CVE-2021-39272 was published May 24, 2022

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1... Moderate Unreviewed

CVE-2021-31798 was published May 24, 2022

The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is... Moderate Unreviewed

CVE-2021-31797 was published May 24, 2022

In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component... Moderate Unreviewed

CVE-2021-41061 was published May 24, 2022

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble... Moderate Unreviewed

CVE-2021-3789 was published May 24, 2022

The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This... Moderate Unreviewed

CVE-2019-9399 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4339 was published May 24, 2022

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control... Moderate Unreviewed

CVE-2015-5361 was published May 24, 2022

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0... Moderate Unreviewed

CVE-2022-32222 was published Jul 15, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

192 advisories