GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
192 advisories
Filter by severity
In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it...
Moderate
Unreviewed
CVE-2019-15947
was published
May 24, 2022
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub...
Moderate
Unreviewed
CVE-2019-14664
was published
May 24, 2022
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values...
Moderate
Unreviewed
CVE-2019-10638
was published
May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses...
Moderate
Unreviewed
CVE-2019-4102
was published
May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2019-4151
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm in XWiki Crypto API
Moderate
CVE-2022-29161
was published
for
org.xwiki.platform:xwiki-platform-crypto
(Maven)
May 24, 2022
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through...
Moderate
Unreviewed
CVE-2020-16235
was published
May 20, 2022
Beaker Sensitive Information Disclosure vulnerability
Moderate
CVE-2012-3458
was published
for
beaker
(pip)
May 17, 2022
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software...
Moderate
Unreviewed
CVE-2015-8086
was published
May 17, 2022
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software...
Moderate
Unreviewed
CVE-2015-8085
was published
May 17, 2022
IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,...
Moderate
Unreviewed
CVE-2016-3034
was published
May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue...
Moderate
Unreviewed
CVE-2016-4685
was published
May 17, 2022
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the...
Moderate
Unreviewed
CVE-2016-10104
was published
May 17, 2022
IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2017-1179
was published
May 17, 2022
An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and...
Moderate
Unreviewed
CVE-2017-2391
was published
May 17, 2022
SimpleSAMLphp Incorrect IV generation for encryption
Moderate
CVE-2017-12871
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 17, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2017-1664
was published
May 14, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2018-1425
was published
May 14, 2022
IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for...
Moderate
Unreviewed
CVE-2015-4953
was published
May 14, 2022
IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash...
Moderate
Unreviewed
CVE-2014-0841
was published
May 14, 2022
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the...
Moderate
Unreviewed
CVE-2016-6225
was published
May 14, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2017-1665
was published
May 14, 2022
comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL...
Moderate
Unreviewed
CVE-2018-6653
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue...
Moderate
Unreviewed
CVE-2017-2399
was published
May 13, 2022
IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2017-1713
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API