Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

410 advisories

Loading
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which... High Unreviewed
CVE-2021-29794 was published May 24, 2022
A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4... Critical Unreviewed
CVE-2021-24020 was published May 24, 2022
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it... High Unreviewed
CVE-2021-34430 was published May 24, 2022
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed
CVE-2021-32496 was published May 24, 2022
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed
CVE-2021-31615 was published May 24, 2022
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed
CVE-2021-25392 was published May 24, 2022
Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. High Unreviewed
CVE-2021-28213 was published May 24, 2022
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic... Critical Unreviewed
CVE-2021-27200 was published May 24, 2022
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0... High Unreviewed
CVE-2020-15387 was published May 24, 2022
In VOS compromised, an attacker at network endpoints can possibly view communications between an... Moderate Unreviewed
CVE-2018-16499 was published May 24, 2022
The flash read-out protection (RDP) level is not enforced during the device initialization phase... Moderate Unreviewed
CVE-2020-27208 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed
CVE-2021-27457 was published May 24, 2022
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive... High Unreviewed
CVE-2020-18220 was published May 24, 2022
Password generator feature in Kaspersky Password Manager was not completely cryptographically... High Unreviewed
CVE-2020-27020 was published May 24, 2022
The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed
CVE-2020-27184 was published May 24, 2022
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS. High Unreviewed
CVE-2021-31898 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24587 was published May 24, 2022
Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX... Critical Unreviewed
CVE-2021-21507 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-29694 was published May 24, 2022
Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed
CVE-2020-26197 was published May 24, 2022
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2020-4965 was published May 24, 2022
Using techniques that built on the slipstream research, a malicious webpage could have scanned... Moderate Unreviewed
CVE-2021-23982 was published May 24, 2022
SSH server configuration file does not implement some best practices. This could lead to a... High Unreviewed
CVE-2021-27450 was published May 24, 2022
Zoho ManageEngine Application Control Plus before 100523 has an insecure SSL configuration... Critical Unreviewed
CVE-2020-29658 was published May 24, 2022
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction... High Unreviewed
CVE-2019-18630 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database