Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

414 advisories

Loading
Information from SSL-encrypted sessions via PKCS #1. Moderate Unreviewed
CVE-1999-0007 was published Apr 30, 2022
IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-39082 was published Apr 30, 2022
Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords. High Unreviewed
CVE-2012-5623 was published Apr 23, 2022
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG)... Moderate Unreviewed
CVE-2022-20805 was published Apr 22, 2022
The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation... High Unreviewed
CVE-2022-29566 was published Apr 22, 2022
IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-39076 was published Apr 20, 2022
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm... High Unreviewed
CVE-2022-22559 was published Apr 13, 2022
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed
CVE-2022-1252 was published Apr 12, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote... Critical Unreviewed
CVE-2022-26854 was published Apr 9, 2022
A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel... Moderate Unreviewed
CVE-2021-32593 was published Apr 7, 2022
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and... High Unreviewed
CVE-2021-33018 was published Apr 3, 2022
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic... High Unreviewed
CVE-2022-22327 was published Apr 2, 2022
"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure... High Unreviewed
CVE-2021-27756 was published Mar 5, 2022
A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker... Moderate Unreviewed
CVE-2021-43774 was published Mar 4, 2022
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar... Moderate Unreviewed
CVE-2022-0377 was published Mar 1, 2022
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method... High Unreviewed
CVE-2020-36516 was published Feb 27, 2022
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol... Moderate Unreviewed
CVE-2021-45081 was published Feb 21, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Moderate Unreviewed
CVE-2022-21800 was published Feb 19, 2022
Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL High Unreviewed
CVE-2020-25694 was published Feb 15, 2022
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to... High Unreviewed
CVE-2021-46559 was published Jan 27, 2022
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies... Critical Unreviewed
CVE-2021-31562 was published Jan 22, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues... High Unreviewed
CVE-2021-33846 was published Jan 22, 2022
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than... Moderate Unreviewed
CVE-2022-22310 was published Jan 20, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38921 was published Jan 11, 2022
The fingerprint module has a security risk of brute force cracking. Successful exploitation of... Moderate Unreviewed
CVE-2021-40006 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database