GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,132
Erlang
29
GitHub Actions
19
Go
1,937
Maven
5,000+
npm
3,676
NuGet
642
pip
3,292
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
364 advisories
Filter by severity
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20379
was published
May 24, 2022
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a...
Moderate
Unreviewed
CVE-2021-23993
was published
May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20566
was published
May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate...
High
Unreviewed
CVE-2021-22212
was published
May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x...
High
Unreviewed
CVE-2020-26515
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)...
Critical
Unreviewed
CVE-2021-22738
was published
May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20419
was published
May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High
Unreviewed
CVE-2021-27457
was published
May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired...
Moderate
Unreviewed
CVE-2020-24588
was published
May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired...
Moderate
Unreviewed
CVE-2020-24587
was published
May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification...
Critical
Unreviewed
CVE-2021-20305
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms...
Moderate
Unreviewed
CVE-2021-3446
was published
May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in...
High
Unreviewed
CVE-2021-22309
was published
May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4831
was published
May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2...
High
Unreviewed
CVE-2020-35221
was published
May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2021-20441
was published
May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is...
High
Unreviewed
CVE-2021-23839
was published
May 24, 2022
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to...
High
Unreviewed
CVE-2021-27211
was published
May 24, 2022
IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2021-20406
was published
May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is...
High
Unreviewed
CVE-2020-25493
was published
May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored...
High
Unreviewed
CVE-2020-10554
was published
May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
Moderate
Unreviewed
CVE-2021-25763
was published
May 24, 2022
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
Moderate
Unreviewed
CVE-2021-25761
was published
May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote...
Moderate
Unreviewed
CVE-2020-29536
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4968
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API