Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS... Moderate Unreviewed
CVE-2021-32591 was published Dec 9, 2021
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a... Moderate Unreviewed
CVE-2021-23993 was published May 24, 2022
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0... Moderate Unreviewed
CVE-2021-26099 was published May 24, 2022
The combination of various cryptographic issues in the session management of FortiMail 6.4.0... High Unreviewed
CVE-2021-26095 was published May 24, 2022
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.... Critical Unreviewed
CVE-2021-31556 was published May 24, 2022
Incorrect hash in sha2 Critical
CVE-2021-45696 was published for sha2 (Rust) Jan 6, 2022
Logic error in Matrix SDK for Android Moderate
CVE-2021-40824 was published for org.matrix.android:matrix-android-sdk2 (Maven) May 24, 2022
golang.org/x/crypto/ssh Denial of service via crafted Signer High
CVE-2022-27191 was published for golang.org/x/crypto (Go) Mar 19, 2022
westonsteimel
Elliptic Uses a Broken or Risky Cryptographic Algorithm Moderate
CVE-2020-28498 was published for elliptic (npm) Mar 8, 2021
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed
CVE-2022-45141 was published Mar 7, 2023
python-apt Flawed Package Integrity Check Moderate
CVE-2019-15795 was published for python-apt (pip) May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x... High Unreviewed
CVE-2020-26515 was published May 24, 2022
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported... High Unreviewed
CVE-2021-2351 was published May 24, 2022
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed
CVE-2021-3979 was published Aug 26, 2022
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as... Low Unreviewed
CVE-2023-2900 was published May 25, 2023
crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard Critical
CVE-2023-46133 was published for crypto-es (npm) Oct 25, 2023
Zemnmez
Incorrect implementation of the Streebog hash functions in streebog High
CVE-2019-25006 was published for streebog (Rust) Aug 25, 2021
jose4j uses weak cryptographic algorithm High
CVE-2023-31582 was published for org.bitbucket.b_c:jose4j (Maven) Oct 25, 2023
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server... Moderate Unreviewed
CVE-2020-7339 was published May 24, 2022
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2023-38361 was published Nov 18, 2023
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt... High Unreviewed
CVE-2021-45450 was published Dec 22, 2021
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively... Moderate Unreviewed
CVE-2022-24403 was published Dec 5, 2023
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software,... Moderate Unreviewed
CVE-2021-27795 was published Dec 6, 2023
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to... Moderate Unreviewed
CVE-2023-26024 was published Dec 1, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2022-43843 was published Dec 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database