Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

214 advisories

Loading
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed
CVE-2022-29959 was published Aug 17, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed
CVE-2022-30320 was published Jul 29, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29965 was published Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed
CVE-2022-29960 was published Jul 27, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed
CVE-2022-34757 was published Jul 14, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for... Moderate Unreviewed
CVE-2021-31352 was published May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,... Moderate Unreviewed
CVE-2021-40529 was published May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40530 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query... Moderate Unreviewed
CVE-2021-37606 was published May 24, 2022
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0... Moderate Unreviewed
CVE-2021-26099 was published May 24, 2022
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a... Moderate Unreviewed
CVE-2021-23993 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24587 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24588 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2021-20441 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2021-20406 was published May 24, 2022
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible. Moderate Unreviewed
CVE-2021-25761 was published May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Moderate Unreviewed
CVE-2021-25763 was published May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote... Moderate Unreviewed
CVE-2020-29536 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4968 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed
CVE-2020-20950 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server... Moderate Unreviewed
CVE-2020-7339 was published May 24, 2022
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2020-4624 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database