GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,777
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,014
Maven 5,201
npm 3,721
NuGet 662
pip 3,393
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,123

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

371 advisories

Filter by severity

Sort by

Least recently updated

IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected... High Unreviewed

CVE-2022-43917 was published Jan 26, 2023

All versions of Econolite EOS traffic control software are vulnerable to CWE-328: Use of Weak... Moderate Unreviewed

CVE-2023-0452 was published Jan 26, 2023

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum... Moderate Unreviewed

CVE-2021-36647 was published Jan 17, 2023

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health... Moderate Unreviewed

CVE-2023-0296 was published Jan 17, 2023

IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic... High Unreviewed

CVE-2022-22461 was published Dec 22, 2022

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing... Moderate Unreviewed

CVE-2022-20513 was published Dec 20, 2022

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed

CVE-2022-38391 was published Dec 20, 2022

A vulnerability, which was classified as problematic, has been found in Click Studios... Moderate Unreviewed

CVE-2022-4610 was published Dec 19, 2022

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed

CVE-2022-46140 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a... Moderate Unreviewed

CVE-2022-46832 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a... Moderate Unreviewed

CVE-2022-46833 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a... Moderate Unreviewed

CVE-2022-46834 was published Dec 13, 2022

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a... Moderate Unreviewed

CVE-2022-27581 was published Dec 13, 2022

IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed

CVE-2022-34361 was published Dec 6, 2022

IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34320 was published Nov 15, 2022

IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed

CVE-2022-34319 was published Nov 14, 2022

SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation... Moderate Unreviewed

CVE-2022-45195 was published Nov 13, 2022

The provided HCL Launch Container images contain non-unique HTTPS certificates and a database... High Unreviewed

CVE-2021-27784 was published Nov 1, 2022

WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed

CVE-2022-29835 was published Sep 20, 2022

HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. High Unreviewed

CVE-2022-37177 was published Aug 30, 2022

A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed

CVE-2021-3979 was published Aug 26, 2022

Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed

CVE-2022-29959 was published Aug 17, 2022

Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed

CVE-2022-30320 was published Jul 29, 2022

The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29... Moderate Unreviewed

CVE-2022-29965 was published Jul 27, 2022

Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed

CVE-2022-29960 was published Jul 27, 2022

Previous 1 2 3 4 5 6 7 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

371 advisories