GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
358 advisories
Filter by severity
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not...
High
Unreviewed
CVE-2021-46900
was published
Dec 31, 2023
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Low
Unreviewed
CVE-2019-18340
was published
May 24, 2022
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of...
Critical
Unreviewed
CVE-2023-34039
was published
Aug 29, 2023
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,...
High
Unreviewed
CVE-2023-50350
was published
Jan 3, 2024
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ...
Moderate
Unreviewed
CVE-2020-1596
was published
May 24, 2022
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2022-43843
was published
Dec 14, 2023
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to...
Moderate
Unreviewed
CVE-2023-26024
was published
Dec 1, 2023
Brocade Fabric OS (FOS) hardware
platforms running any version of Brocade Fabric OS software,...
Moderate
Unreviewed
CVE-2021-27795
was published
Dec 6, 2023
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively...
Moderate
Unreviewed
CVE-2022-24403
was published
Dec 5, 2023
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt...
High
Unreviewed
CVE-2021-45450
was published
Dec 22, 2021
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2023-38361
was published
Nov 18, 2023
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server...
Moderate
Unreviewed
CVE-2020-7339
was published
May 24, 2022
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as...
Low
Unreviewed
CVE-2023-2900
was published
May 25, 2023
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the...
Moderate
Unreviewed
CVE-2021-3979
was published
Aug 26, 2022
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported...
High
Unreviewed
CVE-2021-2351
was published
May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x...
High
Unreviewed
CVE-2020-26515
was published
May 24, 2022
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by...
Critical
Unreviewed
CVE-2022-45141
was published
Mar 7, 2023
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state...
Moderate
Unreviewed
CVE-2015-2808
was published
May 13, 2022
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2....
Critical
Unreviewed
CVE-2021-31556
was published
May 24, 2022
The combination of various cryptographic issues in the session management of FortiMail 6.4.0...
High
Unreviewed
CVE-2021-26095
was published
May 24, 2022
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0...
Moderate
Unreviewed
CVE-2021-26099
was published
May 24, 2022
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a...
Moderate
Unreviewed
CVE-2021-23993
was published
May 24, 2022
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS...
Moderate
Unreviewed
CVE-2021-32591
was published
Dec 9, 2021
ProTip!
Advisories are also available from the
GraphQL API