GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
165 advisories
Filter by severity
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2021-20400
was published
Dec 2, 2021
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some...
High
Unreviewed
CVE-2021-22170
was published
Dec 7, 2021
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker...
High
Unreviewed
CVE-2021-37188
was published
Dec 11, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38947
was published
Dec 14, 2021
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols...
High
Unreviewed
CVE-2021-36337
was published
Dec 22, 2021
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG.
High
Unreviewed
CVE-2021-45484
was published
Dec 26, 2021
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user...
High
Unreviewed
CVE-2021-24998
was published
Dec 28, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART...
High
Unreviewed
CVE-2021-20161
was published
Dec 31, 2021
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted...
High
Unreviewed
CVE-2022-24318
was published
Feb 11, 2022
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,...
High
Unreviewed
CVE-2021-26726
was published
Feb 17, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may...
High
Unreviewed
CVE-2020-14481
was published
Feb 25, 2022
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4...
High
Unreviewed
CVE-2020-10636
was published
Feb 25, 2022
An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02...
High
Unreviewed
CVE-2021-32945
was published
Apr 3, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who...
High
Unreviewed
CVE-2021-45104
was published
Apr 7, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High
Unreviewed
CVE-2022-0828
was published
Apr 12, 2022
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
High
Unreviewed
CVE-2022-20677
was published
Apr 16, 2022
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak...
High
Unreviewed
CVE-2012-2130
was published
Apr 23, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2022-22368
was published
May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,...
High
Unreviewed
CVE-2021-32010
was published
May 5, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
High
Unreviewed
CVE-2021-27761
was published
May 7, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1545
was published
May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1785
was published
May 13, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict...
High
Unreviewed
CVE-2014-0224
was published
May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity...
High
Unreviewed
CVE-2018-9028
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API