Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed
CVE-2022-27581 was published Dec 13, 2022
Information from SSL-encrypted sessions via PKCS #1. Moderate Unreviewed
CVE-1999-0007 was published Apr 30, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for... Moderate Unreviewed
CVE-2021-31352 was published May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40530 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,... Moderate Unreviewed
CVE-2021-40529 was published May 24, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit... Moderate Unreviewed
CVE-2007-6755 was published May 1, 2022
Command Injection in Apache James Moderate
CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Moderate Unreviewed
CVE-2021-25763 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4968 was published May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2021-20441 was published May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote... Moderate Unreviewed
CVE-2020-29536 was published May 24, 2022
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2020-4624 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed
CVE-2020-20950 was published May 24, 2022
Untangle Firewall NG before 16.0 uses MD5 for passwords. Moderate Unreviewed
CVE-2020-17494 was published May 24, 2022
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of... Moderate Unreviewed
CVE-2020-24619 was published May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended... Moderate Unreviewed
CVE-2020-12402 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ... Moderate Unreviewed
CVE-2020-7511 was published May 24, 2022
A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC (All... Moderate Unreviewed
CVE-2019-10929 was published May 24, 2022
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file... Moderate Unreviewed
CVE-2020-10560 was published May 24, 2022
wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing... Moderate Unreviewed
CVE-2020-11713 was published May 24, 2022
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and... Moderate Unreviewed
CVE-2020-10601 was published May 24, 2022
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is... Moderate Unreviewed
CVE-2020-11501 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database