Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

188 advisories

Loading
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data. Moderate Unreviewed
CVE-2021-37588 was published May 24, 2022
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed
CVE-2021-37587 was published May 24, 2022
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS,... Moderate Unreviewed
CVE-2021-36769 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed
CVE-2021-20369 was published May 24, 2022
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed
CVE-2021-32496 was published May 24, 2022
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed
CVE-2021-31615 was published May 24, 2022
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed
CVE-2021-25392 was published May 24, 2022
In VOS compromised, an attacker at network endpoints can possibly view communications between an... Moderate Unreviewed
CVE-2018-16499 was published May 24, 2022
The flash read-out protection (RDP) level is not enforced during the device initialization phase... Moderate Unreviewed
CVE-2020-27208 was published May 24, 2022
The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed
CVE-2020-27184 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24587 was published May 24, 2022
Using techniques that built on the slipstream research, a malicious webpage could have scanned... Moderate Unreviewed
CVE-2021-23982 was published May 24, 2022
An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function... Moderate Unreviewed
CVE-2021-23126 was published May 24, 2022
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application... Moderate Unreviewed
CVE-2020-12702 was published May 24, 2022
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be... Moderate Unreviewed
CVE-2020-36250 was published May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2021-20406 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed
CVE-2020-25685 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library... Moderate Unreviewed
CVE-2020-20949 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed
CVE-2020-20950 was published May 24, 2022
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30... Moderate Unreviewed
CVE-2020-8761 was published May 24, 2022
FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with... Moderate Unreviewed
CVE-2020-9128 was published May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed... Moderate Unreviewed
CVE-2020-5943 was published May 24, 2022
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels... Moderate Unreviewed
CVE-2020-5938 was published May 24, 2022
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020... Moderate Unreviewed
CVE-2020-27181 was published May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode... Moderate Unreviewed
CVE-2020-7069 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database