GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
187 advisories
Filter by severity
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file...
High
Unreviewed
CVE-2020-27408
was published
May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,...
High
Unreviewed
CVE-2020-29063
was published
May 24, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references,...
High
Unreviewed
CVE-2020-7565
was published
May 24, 2022
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
High
Unreviewed
CVE-2020-26107
was published
May 24, 2022
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker...
High
Unreviewed
CVE-2020-24925
was published
May 24, 2022
An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an...
High
Unreviewed
CVE-2020-9761
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High
Unreviewed
CVE-2019-8237
was published
May 24, 2022
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is...
High
Unreviewed
CVE-2019-14332
was published
May 24, 2022
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure ...
High
Unreviewed
CVE-2019-10639
was published
May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are...
High
Unreviewed
CVE-2021-23855
was published
May 24, 2022
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and...
High
Unreviewed
CVE-2016-10102
was published
May 17, 2022
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a...
High
Unreviewed
CVE-2016-2879
was published
May 17, 2022
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
High
Unreviewed
CVE-2016-5056
was published
May 17, 2022
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently...
High
Unreviewed
CVE-2017-5999
was published
May 17, 2022
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2022-22453
was published
Jul 15, 2022
Due to a lack of standard encryption when transmitting sensitive information over the internet to...
High
Unreviewed
CVE-2017-5239
was published
May 17, 2022
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow...
High
Unreviewed
CVE-2016-2379
was published
May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue...
High
Unreviewed
CVE-2017-2380
was published
May 17, 2022
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure...
High
Unreviewed
CVE-2017-1319
was published
May 17, 2022
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than...
High
Unreviewed
CVE-2022-22464
was published
Jul 9, 2022
IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2017-1224
was published
May 17, 2022
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an...
High
Unreviewed
CVE-2022-21139
was published
Aug 19, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High
Unreviewed
CVE-2021-27457
was published
May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash...
High
Unreviewed
CVE-2021-38979
was published
May 24, 2022
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected...
High
Unreviewed
CVE-2021-20337
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API