GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
144 advisories
Filter by severity
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage...
High
Unreviewed
CVE-2019-3736
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-10927
was published
May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
High
Unreviewed
CVE-2019-9080
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected...
High
Unreviewed
CVE-2020-4937
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25232
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25230
was published
May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4898
was published
May 24, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22461
was published
Dec 22, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored...
High
Unreviewed
CVE-2020-10554
was published
May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2...
High
Unreviewed
CVE-2020-35221
was published
May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20419
was published
May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate...
High
Unreviewed
CVE-2021-22212
was published
May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is...
High
Unreviewed
CVE-2020-25493
was published
May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4831
was published
May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20566
was published
May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20379
was published
May 24, 2022
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2021-20497
was published
May 24, 2022
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker...
High
Unreviewed
CVE-2021-29704
was published
May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2021-29750
was published
May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than...
High
Unreviewed
CVE-2021-29894
was published
May 24, 2022
IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-39082
was published
Apr 30, 2022
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could...
High
Unreviewed
CVE-2019-14852
was published
May 24, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database...
High
Unreviewed
CVE-2021-27784
was published
Nov 1, 2022
Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL
High
Unreviewed
CVE-2020-25694
was published
Feb 15, 2022
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20479
was published
May 10, 2022
ProTip!
Advisories are also available from the
GraphQL API