Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2020-4624 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server... Moderate Unreviewed
CVE-2020-7339 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25230 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25232 was published May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database. Low Unreviewed
CVE-2020-23250 was published May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4898 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed
CVE-2020-20950 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4968 was published May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote... Moderate Unreviewed
CVE-2020-29536 was published May 24, 2022
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible. Moderate Unreviewed
CVE-2021-25761 was published May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Moderate Unreviewed
CVE-2021-25763 was published May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored... High Unreviewed
CVE-2020-10554 was published May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is... High Unreviewed
CVE-2020-25493 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2021-20406 was published May 24, 2022
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to... High Unreviewed
CVE-2021-27211 was published May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is... High Unreviewed
CVE-2021-23839 was published May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2021-20441 was published May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2... High Unreviewed
CVE-2020-35221 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4831 was published May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in... High Unreviewed
CVE-2021-22309 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification... Critical Unreviewed
CVE-2021-20305 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24587 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24588 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed
CVE-2021-27457 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database