GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,255

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

192 advisories

Filter by severity

Sort by

Least recently updated

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed

CVE-2021-39272 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2017-1665 was published May 14, 2022

comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL... Moderate Unreviewed

CVE-2018-6653 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue... Moderate Unreviewed

CVE-2017-2399 was published May 13, 2022

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM)... Moderate Unreviewed

CVE-2017-3971 was published May 13, 2022

An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed

CVE-2017-9645 was published May 13, 2022

IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed

CVE-2017-1713 was published May 13, 2022

The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc.... Moderate Unreviewed

CVE-2017-5535 was published May 13, 2022

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS... Moderate Unreviewed

CVE-2018-0131 was published May 13, 2022

Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is... Moderate Unreviewed

CVE-2018-19001 was published May 13, 2022

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability... Moderate Unreviewed

CVE-2018-1518 was published May 13, 2022

IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due... Moderate Unreviewed

CVE-2018-1593 was published May 13, 2022

IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2018-1925 was published May 13, 2022

An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100... Moderate Unreviewed

CVE-2018-5461 was published May 13, 2022

Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,... Moderate Unreviewed

CVE-2014-1491 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6... Moderate Unreviewed

CVE-2018-1466 was published May 13, 2022

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet... Moderate Unreviewed

CVE-2011-3389 was published May 13, 2022

Inadequate Encryption Strength and Algorithm Downgrade in Wildfly Moderate Unreviewed

CVE-2019-14887 was published Feb 15, 2022

IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2016-3019 was published May 13, 2022

A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... Moderate Unreviewed

CVE-2018-4839 was published May 13, 2022

An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch... Moderate Unreviewed

CVE-2017-5160 was published May 13, 2022

Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm... Moderate Unreviewed

CVE-2022-28164 was published May 7, 2022

MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm Moderate Unreviewed

CVE-2013-7286 was published May 5, 2022

neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in... Moderate Unreviewed

CVE-2009-2474 was published May 2, 2022

SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to... Moderate Unreviewed

CVE-2005-4900 was published May 1, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

192 advisories