Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

164 advisories

Loading
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-20400 was published Dec 2, 2021
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some... High Unreviewed
CVE-2021-22170 was published Dec 7, 2021
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... High Unreviewed
CVE-2021-37188 was published Dec 11, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38947 was published Dec 14, 2021
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols... High Unreviewed
CVE-2021-36337 was published Dec 22, 2021
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. High Unreviewed
CVE-2021-45484 was published Dec 26, 2021
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user... High Unreviewed
CVE-2021-24998 was published Dec 28, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART... High Unreviewed
CVE-2021-20161 was published Dec 31, 2021
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted... High Unreviewed
CVE-2022-24318 was published Feb 11, 2022
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,... High Unreviewed
CVE-2021-26726 was published Feb 17, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may... High Unreviewed
CVE-2020-14481 was published Feb 25, 2022
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4... High Unreviewed
CVE-2020-10636 was published Feb 25, 2022
An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02... High Unreviewed
CVE-2021-32945 was published Apr 3, 2022
An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who... High Unreviewed
CVE-2021-45104 was published Apr 7, 2022
The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed
CVE-2022-0828 was published Apr 12, 2022
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed
CVE-2022-1252 was published Apr 12, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed
CVE-2022-20677 was published Apr 16, 2022
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak... High Unreviewed
CVE-2012-2130 was published Apr 23, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2022-22368 was published May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,... High Unreviewed
CVE-2021-32010 was published May 5, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks High Unreviewed
CVE-2021-27761 was published May 7, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1545 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1785 was published May 13, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict... High Unreviewed
CVE-2014-0224 was published May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity... High Unreviewed
CVE-2018-9028 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database