Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

410 advisories

Loading
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function... Moderate Unreviewed
CVE-2021-23126 was published May 24, 2022
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism. High Unreviewed
CVE-2021-27885 was published May 24, 2022
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application... Moderate Unreviewed
CVE-2020-12702 was published May 24, 2022
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be... Moderate Unreviewed
CVE-2020-36250 was published May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is... High Unreviewed
CVE-2021-23839 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2021-20406 was published May 24, 2022
An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt... High Unreviewed
CVE-2020-36201 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed
CVE-2020-25685 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library... Moderate Unreviewed
CVE-2020-20949 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed
CVE-2020-20950 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2020-4594 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2020-4596 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2020-4595 was published May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic... High Unreviewed
CVE-2019-4160 was published May 24, 2022
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from... High Unreviewed
CVE-2017-20001 was published May 24, 2022
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below.... High Unreviewed
CVE-2020-11719 was published May 24, 2022
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file... High Unreviewed
CVE-2020-27408 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... High Unreviewed
CVE-2020-29063 was published May 24, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references,... High Unreviewed
CVE-2020-7565 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that... High Unreviewed
CVE-2020-26552 was published May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30... Moderate Unreviewed
CVE-2020-8761 was published May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with... Moderate Unreviewed
CVE-2020-9128 was published May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed... Moderate Unreviewed
CVE-2020-5943 was published May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels... Moderate Unreviewed
CVE-2020-5938 was published May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020... Moderate Unreviewed
CVE-2020-27181 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database