Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,605
Maven
5,000+
npm
4,250
NuGet
756
pip
4,016
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

465 advisories

Loading
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from... High Unreviewed
CVE-2017-20001 was published May 24, 2022
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction... High Unreviewed
CVE-2019-18630 was published May 24, 2022
IBM Security Guardium Insights 2.0.2 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2020-4596 was published May 24, 2022
Dell EMC Networking X-Series firmware versions prior to 3.0.1.8 and Dell EMC PowerEdge VRTX... Critical Unreviewed
CVE-2021-21507 was published May 24, 2022
SSH server configuration file does not implement some best practices. This could lead to a... High Unreviewed
CVE-2021-27450 was published May 24, 2022
Using techniques that built on the slipstream research, a malicious webpage could have scanned... Moderate Unreviewed
CVE-2021-23982 was published May 24, 2022
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive... High Unreviewed
CVE-2020-18220 was published May 24, 2022
Password generator feature in Kaspersky Password Manager was not completely cryptographically... High Unreviewed
CVE-2020-27020 was published May 24, 2022
The flash read-out protection (RDP) level is not enforced during the device initialization phase... Moderate Unreviewed
CVE-2020-27208 was published May 24, 2022
In VOS compromised, an attacker at network endpoints can possibly view communications between an... Moderate Unreviewed
CVE-2018-16499 was published May 24, 2022
Inadequate Encryption Strength in showdoc Moderate
CVE-2021-3680 was published for showdoc/showdoc (Composer) Sep 1, 2021
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0... High Unreviewed
CVE-2020-15387 was published May 24, 2022
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed
CVE-2021-25392 was published May 24, 2022
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed
CVE-2021-32496 was published May 24, 2022
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it... High Unreviewed
CVE-2021-34430 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed
CVE-2021-20369 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-20360 was published May 24, 2022
In SapphireIMS 4097_1, the password in the database is stored in Base64 format. High Unreviewed
CVE-2017-16632 was published May 24, 2022
Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which... Critical Unreviewed
CVE-2022-36555 was published Aug 30, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected... High Unreviewed
CVE-2021-38925 was published May 24, 2022
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-38862 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption... High Unreviewed
CVE-2021-38464 was published May 24, 2022
Blink1Control2 uses weak password encryption High
CVE-2022-35513 was published for Blink1Control2 (npm) Sep 8, 2022
A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to... High Unreviewed
CVE-2022-40141 was published Sep 20, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38984 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database