Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,... Moderate Unreviewed
CVE-2007-6013 was published May 1, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed
CVE-2022-29959 was published Aug 17, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed
CVE-2022-29960 was published Jul 27, 2022
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the... Moderate Unreviewed
CVE-2005-4860 was published May 1, 2022
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three... Critical Unreviewed
CVE-2022-30273 was published Jul 27, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed
CVE-2022-30320 was published Jul 29, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An... Low Unreviewed
CVE-2024-22458 was published Mar 1, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic... High Unreviewed
CVE-2024-22463 was published Mar 4, 2024
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. High Unreviewed
CVE-2022-37177 was published Aug 30, 2022
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic... Moderate Unreviewed
CVE-2024-25963 was published Mar 28, 2024
** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use... Critical Unreviewed
CVE-2017-9859 was published May 13, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242... Moderate Unreviewed
CVE-2020-11876 was published May 24, 2022
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for... Moderate Unreviewed
CVE-2023-50313 was published Apr 2, 2024
Withdrawn: JJWT improperly generates signing keys Moderate
CVE-2024-31033 was published for io.jsonwebtoken:jjwt-impl (Maven) Apr 1, 2024 withdrawn
ebickle
Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords. High Unreviewed
CVE-2012-5623 was published Apr 23, 2022
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C... Moderate Unreviewed
CVE-2013-2213 was published May 5, 2022
HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized,... Moderate Unreviewed
CVE-2019-11323 was published May 24, 2022
Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD) Platform Security Processor... Moderate Unreviewed
CVE-2019-9836 was published May 24, 2022
There is a short key vulnerability in HID Global DigitalPersona (formerly Crossmatch) U.are.U... Moderate Unreviewed
CVE-2019-13604 was published May 24, 2022
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses... Moderate Unreviewed
CVE-2018-18371 was published May 24, 2022
An issue was discovered in Total.js CMS 12.0.0. A low privilege user can perform a simple... Moderate Unreviewed
CVE-2019-15955 was published May 24, 2022
In situations where an attacker receives automated notification of the success or failure of a... Moderate Unreviewed
CVE-2019-1563 was published May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in... Moderate Unreviewed
CVE-2019-16116 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database