Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

459 advisories

Loading
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed
CVE-2022-27581 was published Dec 13, 2022
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2022-34361 was published Dec 6, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34320 was published Nov 15, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34319 was published Nov 14, 2022
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed
CVE-2022-45195 was published Nov 13, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database... High Unreviewed
CVE-2021-27784 was published Nov 1, 2022
SIF's Digital Signature Hash Algorithms Not Validated Moderate
CVE-2022-39237 was published for github.com/sylabs/sif/v2 (Go) Oct 6, 2022
tri-adam
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed
CVE-2022-29835 was published Sep 20, 2022
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. High Unreviewed
CVE-2022-37177 was published Aug 30, 2022
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed
CVE-2021-3979 was published Aug 26, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed
CVE-2022-29959 was published Aug 17, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed
CVE-2022-30320 was published Jul 29, 2022
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three... Critical Unreviewed
CVE-2022-30273 was published Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29965 was published Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed
CVE-2022-29960 was published Jul 27, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed
CVE-2022-34632 was published Jul 19, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
LTI 1.3 Tool Library's function used to generate random nonces not sufficiently cryptographically complex before v5.0 High
CVE-2022-31157 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed
CVE-2022-28370 was published Jul 15, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed
CVE-2022-34757 was published Jul 14, 2022
AES OCB fails to encrypt some bytes High
CVE-2022-2097 was published for openssl-src (Rust) Jul 6, 2022
another-rex
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed
CVE-2022-31230 was published Jun 29, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed
CVE-2022-28622 was published Jun 28, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD... High Unreviewed
CVE-2022-24296 was published Jun 9, 2022
Reversible One-Way Hash in io.github.javaezlib:JavaEZ High
CVE-2022-29249 was published for io.github.javaezlib:JavaEZ (Maven) May 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database