Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

144 advisories

Loading
Dell EMC Integrated Data Protection Appliance versions prior to 2.3 contain a password storage... High Unreviewed
CVE-2019-3736 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-10927 was published May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage. High Unreviewed
CVE-2019-9080 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected... High Unreviewed
CVE-2020-4937 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25232 was published May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3).... High Unreviewed
CVE-2020-25230 was published May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4898 was published May 24, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2022-22461 was published Dec 22, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored... High Unreviewed
CVE-2020-10554 was published May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2... High Unreviewed
CVE-2020-35221 was published May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20419 was published May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate... High Unreviewed
CVE-2021-22212 was published May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is... High Unreviewed
CVE-2020-25493 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4831 was published May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20566 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-20379 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2021-20497 was published May 24, 2022
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2021-29704 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-29750 was published May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than... High Unreviewed
CVE-2021-29894 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-39082 was published Apr 30, 2022
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could... High Unreviewed
CVE-2019-14852 was published May 24, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database... High Unreviewed
CVE-2021-27784 was published Nov 1, 2022
Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL High Unreviewed
CVE-2020-25694 was published Feb 15, 2022
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-20479 was published May 10, 2022
ProTip! Advisories are also available from the GraphQL API