Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
AES OCB fails to encrypt some bytes High
CVE-2022-2097 was published for openssl-src (Rust) Jul 6, 2022
another-rex
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A... Critical Unreviewed
CVE-2022-31230 was published Jun 29, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server... High Unreviewed
CVE-2022-28622 was published Jun 28, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD... High Unreviewed
CVE-2022-24296 was published Jun 9, 2022
Reversible One-Way Hash in io.github.javaezlib:JavaEZ High
CVE-2022-29249 was published for io.github.javaezlib:JavaEZ (Maven) May 25, 2022
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could... High Unreviewed
CVE-2019-14852 was published May 24, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed
CVE-2020-28396 was published May 24, 2022
Key confusion through non-blocklisted public key formats High
CVE-2022-29217 was published for pyjwt (pip) May 24, 2022
aapooksman
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the... Low Unreviewed
CVE-2020-14264 was published May 24, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for... Moderate Unreviewed
CVE-2021-31352 was published May 24, 2022
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH... Critical Unreviewed
CVE-2021-36298 was published May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than... High Unreviewed
CVE-2021-29894 was published May 24, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-29750 was published May 24, 2022
Logic error in Matrix SDK for Android Moderate
CVE-2021-40824 was published for org.matrix.android:matrix-android-sdk2 (Maven) May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,... Moderate Unreviewed
CVE-2021-40529 was published May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40530 was published May 24, 2022
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute... High Unreviewed
CVE-2021-33582 was published May 24, 2022
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected... High Unreviewed
CVE-2021-29723 was published May 24, 2022
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected... High Unreviewed
CVE-2021-29722 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2021-29704 was published May 24, 2022
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and... Critical Unreviewed
CVE-2020-36363 was published May 24, 2022
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.... Critical Unreviewed
CVE-2021-31556 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database