Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed
CVE-2022-4610 was published Dec 19, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46833 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46834 was published Dec 13, 2022
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed
CVE-2022-46140 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a... Moderate Unreviewed
CVE-2022-46832 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed
CVE-2022-27581 was published Dec 13, 2022
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2022-34361 was published Dec 6, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34320 was published Nov 15, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34319 was published Nov 14, 2022
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed
CVE-2022-45195 was published Nov 13, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database... High Unreviewed
CVE-2021-27784 was published Nov 1, 2022
SIF's Digital Signature Hash Algorithms Not Validated Moderate
CVE-2022-39237 was published for github.com/sylabs/sif/v2 (Go) Oct 6, 2022
tri-adam
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed
CVE-2022-29835 was published Sep 20, 2022
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. High Unreviewed
CVE-2022-37177 was published Aug 30, 2022
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed
CVE-2021-3979 was published Aug 26, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed
CVE-2022-29959 was published Aug 17, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed
CVE-2022-30320 was published Jul 29, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed
CVE-2022-29965 was published Jul 27, 2022
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three... Critical Unreviewed
CVE-2022-30273 was published Jul 27, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed
CVE-2022-29960 was published Jul 27, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed
CVE-2022-34632 was published Jul 19, 2022
LTI 1.3 Tool Library's Nonce Claim Value not validated against nonce value sent in Authentication Request before v5.0 High
CVE-2022-31158 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
LTI 1.3 Tool Library's function used to generate random nonces not sufficiently cryptographically complex before v5.0 High
CVE-2022-31157 was published for packbackbooks/lti-1-3-php-library (Composer) Jul 15, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade... High Unreviewed
CVE-2022-28370 was published Jul 15, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak... Moderate Unreviewed
CVE-2022-34757 was published Jul 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database