GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,919
Composer 4,476
Erlang 33
GitHub Actions 24
Go 2,207
Maven 5,433
npm 3,858
NuGet 696
pip 3,639
Pub 12
RubyGems 913
Rust 918
Swift 38

Unreviewed advisories

All unreviewed 249,580

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

441 advisories

Filter by severity

Sort by

Least recently updated

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed

CVE-2019-14664 was published May 24, 2022

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed

CVE-2019-15947 was published May 24, 2022

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values... Moderate Unreviewed

CVE-2019-10638 was published May 24, 2022

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is... High Unreviewed

CVE-2019-14332 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2022.3 the built-in web server leaked information about open... Low Unreviewed

CVE-2022-46825 was published Dec 8, 2022

The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure ... High Unreviewed

CVE-2019-10639 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4339 was published May 24, 2022

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through... Moderate Unreviewed

CVE-2020-16235 was published May 20, 2022

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed

CVE-2021-42949 was published Sep 17, 2022

The user and password data base is exposed by an unprotected web server resource. Passwords are... High Unreviewed

CVE-2021-23855 was published May 24, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8085 was published May 17, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8086 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue... Moderate Unreviewed

CVE-2016-4685 was published May 17, 2022

IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,... Moderate Unreviewed

CVE-2016-3034 was published May 17, 2022

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and... High Unreviewed

CVE-2016-10102 was published May 17, 2022

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the... Moderate Unreviewed

CVE-2022-34826 was published Jul 16, 2022

On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is... Critical Unreviewed

CVE-2017-8076 was published May 17, 2022

IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a... High Unreviewed

CVE-2016-2879 was published May 17, 2022

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. High Unreviewed

CVE-2016-5056 was published May 17, 2022

An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently... High Unreviewed

CVE-2017-5999 was published May 17, 2022

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that... High Unreviewed

CVE-2022-22453 was published Jul 15, 2022

Due to a lack of standard encryption when transmitting sensitive information over the internet to... High Unreviewed

CVE-2017-5239 was published May 17, 2022

The Mxit protocol uses weak encryption when encrypting user passwords, which might allow... High Unreviewed

CVE-2016-2379 was published May 17, 2022

Previous 1 2 … 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

441 advisories