Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

167 advisories

Loading
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote... Moderate Unreviewed
CVE-2020-29536 was published May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2021-20441 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4968 was published May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Moderate Unreviewed
CVE-2021-25763 was published May 24, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit... Moderate Unreviewed
CVE-2007-6755 was published May 1, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,... Moderate Unreviewed
CVE-2021-40529 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40530 was published May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for... Moderate Unreviewed
CVE-2021-31352 was published May 24, 2022
Information from SSL-encrypted sessions via PKCS #1. Moderate Unreviewed
CVE-1999-0007 was published Apr 30, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed
CVE-2022-27581 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a... Moderate Unreviewed
CVE-2022-46832 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46833 was published Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a... Moderate Unreviewed
CVE-2022-46834 was published Dec 13, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,... Moderate Unreviewed
CVE-2009-2273 was published May 2, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed
CVE-2022-4610 was published Dec 19, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and... Moderate Unreviewed
CVE-2013-1053 was published May 5, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to... Moderate Unreviewed
CVE-2022-20117 was published May 11, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x... Moderate Unreviewed
CVE-2018-11057 was published May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication... Moderate Unreviewed
CVE-2019-7006 was published May 13, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA... Moderate Unreviewed
CVE-2018-11069 was published May 13, 2022
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a... Moderate Unreviewed
CVE-2018-11070 was published May 13, 2022
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL... Moderate Unreviewed
CVE-2019-6593 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API