Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

462 advisories

Loading
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble... Moderate Unreviewed
CVE-2021-3789 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38983 was published May 24, 2022
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38891 was published May 24, 2022
The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being... Moderate Unreviewed
CVE-2020-1968 was published May 24, 2022
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This... Moderate Unreviewed
CVE-2019-9399 was published May 24, 2022
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control... Moderate Unreviewed
CVE-2015-5361 was published May 24, 2022
IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a... High Unreviewed
CVE-2020-4778 was published May 24, 2022
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher... Moderate Unreviewed
CVE-2005-0366 was published May 1, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4151 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength. High Unreviewed
CVE-2020-13785 was published May 24, 2022
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in... Moderate Unreviewed
CVE-2009-2474 was published May 2, 2022
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is... High Unreviewed
CVE-2022-38659 was published Dec 19, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2022-22368 was published May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,... High Unreviewed
CVE-2021-32010 was published May 5, 2022
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm Moderate Unreviewed
CVE-2013-7286 was published May 5, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks High Unreviewed
CVE-2021-27761 was published May 7, 2022
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm... Moderate Unreviewed
CVE-2022-28164 was published May 7, 2022
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1785 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1545 was published May 13, 2022
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170... Critical Unreviewed
CVE-2016-5804 was published May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... Moderate Unreviewed
CVE-2018-4839 was published May 13, 2022
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static... Low Unreviewed
CVE-2018-17177 was published May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity... High Unreviewed
CVE-2018-9028 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database