GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
353 advisories
Filter by severity
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected...
High
Unreviewed
CVE-2021-29722
was published
May 24, 2022
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected...
High
Unreviewed
CVE-2021-29723
was published
May 24, 2022
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute...
High
Unreviewed
CVE-2021-33582
was published
May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40528
was published
May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40530
was published
May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,...
Moderate
Unreviewed
CVE-2021-40529
was published
May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2021-29750
was published
May 24, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the...
High
Unreviewed
CVE-2021-22948
was published
May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than...
High
Unreviewed
CVE-2021-29894
was published
May 24, 2022
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH...
Critical
Unreviewed
CVE-2021-36298
was published
May 24, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for...
Moderate
Unreviewed
CVE-2021-31352
was published
May 24, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the...
Low
Unreviewed
CVE-2020-14264
was published
May 24, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP...
High
Unreviewed
CVE-2020-28396
was published
May 24, 2022
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could...
High
Unreviewed
CVE-2019-14852
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD...
High
Unreviewed
CVE-2022-24296
was published
Jun 9, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server...
High
Unreviewed
CVE-2022-28622
was published
Jun 28, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical
Unreviewed
CVE-2022-31230
was published
Jun 29, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak...
Moderate
Unreviewed
CVE-2022-34757
was published
Jul 14, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade...
High
Unreviewed
CVE-2022-28370
was published
Jul 15, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain...
Critical
Unreviewed
CVE-2022-34632
was published
Jul 19, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29965
was published
Jul 27, 2022
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three...
Critical
Unreviewed
CVE-2022-30273
was published
Jul 27, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm...
Moderate
Unreviewed
CVE-2022-30320
was published
Jul 29, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering...
Moderate
Unreviewed
CVE-2022-29959
was published
Aug 17, 2022
ProTip!
Advisories are also available from the
GraphQL API