Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

462 advisories

Loading
IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2016-3019 was published May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected... High Unreviewed
CVE-2016-5919 was published May 13, 2022
The application was signed using a key length less than or equal to 1024 bits, making it... High Unreviewed
CVE-2020-4099 was published Nov 1, 2022
Inadequate Encryption Strength and Algorithm Downgrade in Wildfly Moderate Unreviewed
CVE-2019-14887 was published Feb 15, 2022
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm... High Unreviewed
CVE-2018-15796 was published May 13, 2022
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are... High Unreviewed
CVE-2018-18767 was published May 13, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-20400 was published Dec 2, 2021
Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of... Critical Unreviewed
CVE-2019-10907 was published May 13, 2022
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38947 was published Dec 14, 2021
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on... High Unreviewed
CVE-2019-7648 was published May 13, 2022
A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA)... Critical Unreviewed
CVE-2018-0448 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6... Moderate Unreviewed
CVE-2018-1466 was published May 13, 2022
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,... Moderate Unreviewed
CVE-2014-1491 was published May 13, 2022
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x... High Unreviewed
CVE-2013-0764 was published May 13, 2022
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows... High Unreviewed
CVE-2017-17543 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100... Moderate Unreviewed
CVE-2018-5461 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker... High Unreviewed
CVE-2018-1814 was published May 13, 2022
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic... High Unreviewed
CVE-2018-1751 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports... High Unreviewed
CVE-2018-1946 was published May 13, 2022
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2018-1925 was published May 13, 2022
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1... High Unreviewed
CVE-2018-1665 was published May 13, 2022
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due... Moderate Unreviewed
CVE-2018-1593 was published May 13, 2022
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability... Moderate Unreviewed
CVE-2018-1518 was published May 13, 2022
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges.... Low Unreviewed
CVE-2017-9635 was published May 13, 2022
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is... Moderate Unreviewed
CVE-2018-19001 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database