GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,050
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
192 advisories
Filter by severity
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2019-4151
was published
May 24, 2022
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher...
Moderate
Unreviewed
CVE-2005-0366
was published
May 1, 2022
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control...
Moderate
Unreviewed
CVE-2015-5361
was published
May 24, 2022
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This...
Moderate
Unreviewed
CVE-2019-9399
was published
May 24, 2022
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being...
Moderate
Unreviewed
CVE-2020-1968
was published
May 24, 2022
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble...
Moderate
Unreviewed
CVE-2021-3789
was published
May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could...
Moderate
Unreviewed
CVE-2021-20369
was published
May 24, 2022
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength...
Moderate
Unreviewed
CVE-2021-32496
was published
May 24, 2022
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1...
Moderate
Unreviewed
CVE-2021-25392
was published
May 24, 2022
Inadequate Encryption Strength in showdoc
Moderate
CVE-2021-3680
was published
for
showdoc/showdoc
(Composer)
Sep 1, 2021
In VOS compromised, an attacker at network endpoints can possibly view communications between an...
Moderate
Unreviewed
CVE-2018-16499
was published
May 24, 2022
The flash read-out protection (RDP) level is not enforced during the device initialization phase...
Moderate
Unreviewed
CVE-2020-27208
was published
May 24, 2022
Using techniques that built on the slipstream research, a malicious webpage could have scanned...
Moderate
Unreviewed
CVE-2021-23982
was published
May 24, 2022
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application...
Moderate
Unreviewed
CVE-2020-12702
was published
May 24, 2022
When viewing an email message A, which contains an attached message B, where B is encrypted or...
Moderate
Unreviewed
CVE-2022-1520
was published
Dec 22, 2022
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be...
Moderate
Unreviewed
CVE-2020-36250
was published
May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library...
Moderate
Unreviewed
CVE-2020-20949
was published
May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications...
Moderate
Unreviewed
CVE-2020-20950
was published
May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020...
Moderate
Unreviewed
CVE-2020-27181
was published
May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30...
Moderate
Unreviewed
CVE-2020-8761
was published
May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels...
Moderate
Unreviewed
CVE-2020-5938
was published
May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with...
Moderate
Unreviewed
CVE-2020-9128
was published
May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode...
Moderate
Unreviewed
CVE-2020-7069
was published
May 24, 2022
In various functions in fscrypt_ice.c and related files in some implementations of f2fs...
Moderate
Unreviewed
CVE-2020-0407
was published
May 24, 2022
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
Moderate
Unreviewed
CVE-2021-37209
was published
Mar 9, 2022
ProTip!
Advisories are also available from the
GraphQL API