GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
187 advisories
Filter by severity
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak...
High
Unreviewed
CVE-2012-2130
was published
Apr 23, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2022-22368
was published
May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,...
High
Unreviewed
CVE-2021-32010
was published
May 5, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
High
Unreviewed
CVE-2021-27761
was published
May 7, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1545
was published
May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1785
was published
May 13, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict...
High
Unreviewed
CVE-2014-0224
was published
May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity...
High
Unreviewed
CVE-2018-9028
was published
May 13, 2022
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier...
High
Unreviewed
CVE-2013-4508
was published
May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected...
High
Unreviewed
CVE-2016-5919
was published
May 13, 2022
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm...
High
Unreviewed
CVE-2018-15796
was published
May 13, 2022
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are...
High
Unreviewed
CVE-2018-18767
was published
May 13, 2022
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on...
High
Unreviewed
CVE-2019-7648
was published
May 13, 2022
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x...
High
Unreviewed
CVE-2013-0764
was published
May 13, 2022
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows...
High
Unreviewed
CVE-2017-17543
was published
May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports...
High
Unreviewed
CVE-2018-1946
was published
May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker...
High
Unreviewed
CVE-2018-1814
was published
May 13, 2022
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2018-1751
was published
May 13, 2022
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1...
High
Unreviewed
CVE-2018-1665
was published
May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2017-1695
was published
May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected...
High
Unreviewed
CVE-2017-1366
was published
May 13, 2022
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account...
High
Unreviewed
CVE-2017-14262
was published
May 13, 2022
Weak Cryptography in PHP-Proxy
High
CVE-2018-19784
was published
for
athlon1600/php-proxy
(Composer)
May 13, 2022
System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with...
High
Unreviewed
CVE-2018-6635
was published
May 13, 2022
Using remote content in encrypted messages can lead to the disclosure of plaintext. This...
High
Unreviewed
CVE-2018-5184
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API