GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
172 advisories
Filter by severity
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication...
Moderate
Unreviewed
CVE-2019-7006
was published
May 13, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11057
was published
May 13, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to...
Moderate
Unreviewed
CVE-2022-20117
was published
May 11, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and...
Moderate
Unreviewed
CVE-2013-1053
was published
May 5, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-4610
was published
Dec 19, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,...
Moderate
Unreviewed
CVE-2009-2273
was published
May 2, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46834
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46833
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a...
Moderate
Unreviewed
CVE-2022-46832
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a...
Moderate
Unreviewed
CVE-2022-27581
was published
Dec 13, 2022
Information from SSL-encrypted sessions via PKCS #1.
Moderate
Unreviewed
CVE-1999-0007
was published
Apr 30, 2022
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for...
Moderate
Unreviewed
CVE-2021-31352
was published
May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40528
was published
May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during...
Moderate
Unreviewed
CVE-2021-40530
was published
May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords...
Moderate
Unreviewed
CVE-2021-33003
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms...
Moderate
Unreviewed
CVE-2021-3446
was published
May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,...
Moderate
Unreviewed
CVE-2021-40529
was published
May 24, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate
Unreviewed
CVE-2007-6755
was published
May 1, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
Moderate
Unreviewed
CVE-2021-25763
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4968
was published
May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2021-20441
was published
May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote...
Moderate
Unreviewed
CVE-2020-29536
was published
May 24, 2022
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2020-4624
was published
May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications...
Moderate
Unreviewed
CVE-2020-20950
was published
May 24, 2022
Untangle Firewall NG before 16.0 uses MD5 for passwords.
Moderate
Unreviewed
CVE-2020-17494
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API