GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
184 advisories
Filter by severity
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is...
Moderate
Unreviewed
CVE-2021-22356
was published
Nov 24, 2021
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS...
Moderate
Unreviewed
CVE-2021-32591
was published
Dec 9, 2021
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information...
Moderate
Unreviewed
CVE-2021-45486
was published
Dec 26, 2021
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in...
Moderate
Unreviewed
CVE-2021-43550
was published
Dec 28, 2021
The fingerprint module has a security risk of brute force cracking. Successful exploitation of...
Moderate
Unreviewed
CVE-2021-40006
was published
Jan 11, 2022
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than...
Moderate
Unreviewed
CVE-2022-22310
was published
Jan 20, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
Moderate
Unreviewed
CVE-2022-21800
was published
Feb 19, 2022
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol...
Moderate
Unreviewed
CVE-2021-45081
was published
Feb 21, 2022
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar...
Moderate
Unreviewed
CVE-2022-0377
was published
Mar 1, 2022
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker...
Moderate
Unreviewed
CVE-2021-43774
was published
Mar 4, 2022
A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel...
Moderate
Unreviewed
CVE-2021-32593
was published
Apr 7, 2022
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG)...
Moderate
Unreviewed
CVE-2022-20805
was published
Apr 22, 2022
Information from SSL-encrypted sessions via PKCS #1.
Moderate
Unreviewed
CVE-1999-0007
was published
Apr 30, 2022
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,...
Moderate
Unreviewed
CVE-2002-2058
was published
Apr 30, 2022
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead...
Moderate
Unreviewed
CVE-2005-2946
was published
May 1, 2022
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the...
Moderate
Unreviewed
CVE-2005-4860
was published
May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,...
Moderate
Unreviewed
CVE-2007-6013
was published
May 1, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate
Unreviewed
CVE-2007-6755
was published
May 1, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5...
Moderate
Unreviewed
CVE-2008-3188
was published
May 1, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,...
Moderate
Unreviewed
CVE-2009-2273
was published
May 2, 2022
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C...
Moderate
Unreviewed
CVE-2013-2213
was published
May 5, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and...
Moderate
Unreviewed
CVE-2013-1053
was published
May 5, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to...
Moderate
Unreviewed
CVE-2022-20117
was published
May 11, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11057
was published
May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication...
Moderate
Unreviewed
CVE-2019-7006
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API