GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,833
Maven
5,000+
npm
3,573
NuGet
632
pip
3,160
Pub
10
RubyGems
847
Rust
798
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
Filter by severity
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than...
Moderate
Unreviewed
CVE-2022-22310
was published
Jan 20, 2022
The fingerprint module has a security risk of brute force cracking. Successful exploitation of...
Moderate
Unreviewed
CVE-2021-40006
was published
Jan 11, 2022
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS...
Moderate
Unreviewed
CVE-2021-32591
was published
Dec 9, 2021
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a...
Moderate
Unreviewed
CVE-2021-23993
was published
May 24, 2022
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0...
Moderate
Unreviewed
CVE-2021-26099
was published
May 24, 2022
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state...
Moderate
Unreviewed
CVE-2015-2808
was published
May 13, 2022
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the...
Moderate
Unreviewed
CVE-2021-3979
was published
Aug 26, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server...
Moderate
Unreviewed
CVE-2020-7339
was published
May 24, 2022
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2023-38361
was published
Nov 18, 2023
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively...
Moderate
Unreviewed
CVE-2022-24403
was published
Dec 5, 2023
Brocade Fabric OS (FOS) hardware
platforms running any version of Brocade Fabric OS software,...
Moderate
Unreviewed
CVE-2021-27795
was published
Dec 6, 2023
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to...
Moderate
Unreviewed
CVE-2023-26024
was published
Dec 1, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2022-43843
was published
Dec 14, 2023
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ...
Moderate
Unreviewed
CVE-2020-1596
was published
May 24, 2022
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50939
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50937
was published
Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker...
Moderate
Unreviewed
CVE-2024-1040
was published
Feb 2, 2024
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,...
Moderate
Unreviewed
CVE-2024-22361
was published
Feb 10, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34310
was published
Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34309
was published
Feb 12, 2024
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead...
Moderate
Unreviewed
CVE-2005-2946
was published
May 1, 2022
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,...
Moderate
Unreviewed
CVE-2002-2058
was published
Apr 30, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5...
Moderate
Unreviewed
CVE-2008-3188
was published
May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,...
Moderate
Unreviewed
CVE-2007-6013
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API