GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
452 advisories
Filter by severity
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak...
High
Unreviewed
CVE-2007-4150
was published
May 1, 2022
Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation...
High
Unreviewed
CVE-2007-5460
was published
May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,...
Moderate
Unreviewed
CVE-2007-6013
was published
May 1, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate
Unreviewed
CVE-2007-6755
was published
May 1, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5...
Moderate
Unreviewed
CVE-2008-3188
was published
May 1, 2022
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local...
Low
Unreviewed
CVE-2008-3775
was published
May 2, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,...
Moderate
Unreviewed
CVE-2009-2273
was published
May 2, 2022
Incorrect MAC key used in the RC4-MD5 ciphersuite
Moderate
CVE-2022-1434
was published
for
openssl-src
(Rust)
May 4, 2022
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C...
Moderate
Unreviewed
CVE-2013-2213
was published
May 5, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and...
Moderate
Unreviewed
CVE-2013-1053
was published
May 5, 2022
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20479
was published
May 10, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to...
Moderate
Unreviewed
CVE-2022-20117
was published
May 11, 2022
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server...
High
Unreviewed
CVE-2017-12129
was published
May 13, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11057
was published
May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication...
Moderate
Unreviewed
CVE-2019-7006
was published
May 13, 2022
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a...
Moderate
Unreviewed
CVE-2018-11070
was published
May 13, 2022
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5...
High
Unreviewed
CVE-2016-0923
was published
May 13, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA...
Moderate
Unreviewed
CVE-2018-11069
was published
May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE...
High
Unreviewed
CVE-2015-0533
was published
May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE...
High
Unreviewed
CVE-2015-0535
was published
May 13, 2022
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface...
High
Unreviewed
CVE-2016-8370
was published
May 13, 2022
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption...
High
Unreviewed
CVE-2019-1543
was published
May 13, 2022
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using...
Critical
Unreviewed
CVE-2019-5723
was published
May 13, 2022
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an...
Moderate
Unreviewed
CVE-2019-5754
was published
May 13, 2022
Nablarch Incomplete Cryptography
Critical
CVE-2019-5919
was published
for
com.nablarch.framework:nablarch-fw-web
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API