GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,587
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,988
Maven 5,170
npm 3,704
NuGet 661
pip 3,332
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,231

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

164 advisories

Filter by severity

Sort by

Least recently updated

On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account... High Unreviewed

CVE-2017-14262 was published May 13, 2022

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected... High Unreviewed

CVE-2017-1366 was published May 13, 2022

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed

CVE-2017-1695 was published May 13, 2022

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1... High Unreviewed

CVE-2018-1665 was published May 13, 2022

IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic... High Unreviewed

CVE-2018-1751 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker... High Unreviewed

CVE-2018-1814 was published May 13, 2022

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports... High Unreviewed

CVE-2018-1946 was published May 13, 2022

Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows... High Unreviewed

CVE-2017-17543 was published May 13, 2022

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x... High Unreviewed

CVE-2013-0764 was published May 13, 2022

controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on... High Unreviewed

CVE-2019-7648 was published May 13, 2022

An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are... High Unreviewed

CVE-2018-18767 was published May 13, 2022

Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm... High Unreviewed

CVE-2018-15796 was published May 13, 2022

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected... High Unreviewed

CVE-2016-5919 was published May 13, 2022

lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier... High Unreviewed

CVE-2013-4508 was published May 13, 2022

Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity... High Unreviewed

CVE-2018-9028 was published May 13, 2022

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict... High Unreviewed

CVE-2014-0224 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed

CVE-2018-1785 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed

CVE-2018-1545 was published May 13, 2022

Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks High Unreviewed

CVE-2021-27761 was published May 7, 2022

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,... High Unreviewed

CVE-2021-32010 was published May 5, 2022

IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that... High Unreviewed

CVE-2022-22368 was published May 4, 2022

A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak... High Unreviewed

CVE-2012-2130 was published Apr 23, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed

CVE-2022-20677 was published Apr 16, 2022

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed

CVE-2022-1252 was published Apr 12, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed

CVE-2022-0828 was published Apr 12, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

164 advisories