GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
165 advisories
Filter by severity
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High
Unreviewed
CVE-2022-0828
was published
Apr 12, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who...
High
Unreviewed
CVE-2021-45104
was published
Apr 7, 2022
An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02...
High
Unreviewed
CVE-2021-32945
was published
Apr 3, 2022
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4...
High
Unreviewed
CVE-2020-10636
was published
Feb 25, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may...
High
Unreviewed
CVE-2020-14481
was published
Feb 25, 2022
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,...
High
Unreviewed
CVE-2021-26726
was published
Feb 17, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted...
High
Unreviewed
CVE-2022-24318
was published
Feb 11, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART...
High
Unreviewed
CVE-2021-20161
was published
Dec 31, 2021
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user...
High
Unreviewed
CVE-2021-24998
was published
Dec 28, 2021
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
High
Unreviewed
CVE-2021-45484
was published
Dec 26, 2021
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols...
High
Unreviewed
CVE-2021-36337
was published
Dec 22, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38947
was published
Dec 14, 2021
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker...
High
Unreviewed
CVE-2021-37188
was published
Dec 11, 2021
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some...
High
Unreviewed
CVE-2021-22170
was published
Dec 7, 2021
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2021-20400
was published
Dec 2, 2021
ProTip!
Advisories are also available from the
GraphQL API