GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
374 advisories
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic...
High, Unreviewed. CVE-2022-22327 was published Apr 2, 2022

The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and...
High, Unreviewed. CVE-2021-33018 was published Apr 3, 2022

A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel...
Moderate, Unreviewed. CVE-2021-32593 was published Apr 7, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote...
Critical, Unreviewed. CVE-2022-26854 was published Apr 9, 2022

Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm...
High, Unreviewed. CVE-2022-22559 was published Apr 13, 2022

IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could...
High, Unreviewed. CVE-2021-39076 was published Apr 20, 2022

The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation...
High, Unreviewed. CVE-2022-29566 was published Apr 22, 2022

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information...
Moderate, Unreviewed. CVE-2021-45486 was published Dec 26, 2021

An exploitable information disclosure vulnerability exists in the Weave PASE pairing...
Critical, Unreviewed. CVE-2019-5035 was published May 24, 2022

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an...
High, Unreviewed. CVE-2021-45485 was published Dec 26, 2021

steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to...
High, Unreviewed. CVE-2021-27211 was published May 24, 2022

BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an...
High, Unreviewed. CVE-2020-27611 was published May 24, 2022

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in...
High, Unreviewed. CVE-2021-22309 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High, Unreviewed. CVE-2019-5163 was published May 24, 2022

Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute...
High, Unreviewed. CVE-2021-33582 was published May 24, 2022

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that...
Moderate, Unreviewed. CVE-2020-10932 was published May 24, 2022

iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated...
Low, Unreviewed. CVE-2021-34688 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD...
High, Unreviewed. CVE-2022-24296 was published Jun 9, 2022

A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High, Unreviewed. CVE-2021-27457 was published May 24, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High, Unreviewed. CVE-2017-11133 was published May 17, 2022

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP...
High, Unreviewed. CVE-2020-28396 was published May 24, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical, Unreviewed. CVE-2022-31230 was published Jun 29, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical, Unreviewed. CVE-2014-8687 was published May 17, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a...
Critical, Unreviewed. CVE-2017-9466 was published May 17, 2022

A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server...
High, Unreviewed. CVE-2022-28622 was published Jun 28, 2022