GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
164 advisories
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account...
High | Unreviewed | CVE-2017-14262 was published May 13, 2022

IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected...
High | Unreviewed | CVE-2017-1366 was published May 13, 2022

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow...
High | Unreviewed | CVE-2017-1695 was published May 13, 2022

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1...
High | Unreviewed | CVE-2018-1665 was published May 13, 2022

IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic...
High | Unreviewed | CVE-2018-1751 was published May 13, 2022

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker...
High | Unreviewed | CVE-2018-1814 was published May 13, 2022

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports...
High | Unreviewed | CVE-2018-1946 was published May 13, 2022

Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows...
High | Unreviewed | CVE-2017-17543 was published May 13, 2022

The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x...
High | Unreviewed | CVE-2013-0764 was published May 13, 2022

controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on...
High | Unreviewed | CVE-2019-7648 was published May 13, 2022

An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are...
High | Unreviewed | CVE-2018-18767 was published May 13, 2022

Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm...
High | Unreviewed | CVE-2018-15796 was published May 13, 2022

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected...
High | Unreviewed | CVE-2016-5919 was published May 13, 2022

lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier...
High | Unreviewed | CVE-2013-4508 was published May 13, 2022

Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity...
High | Unreviewed | CVE-2018-9028 was published May 13, 2022

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict...
High | Unreviewed | CVE-2014-0224 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High | Unreviewed | CVE-2018-1785 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High | Unreviewed | CVE-2018-1545 was published May 13, 2022

Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
High | Unreviewed | CVE-2021-27761 was published May 7, 2022

Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,...
High | Unreviewed | CVE-2021-32010 was published May 5, 2022

IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that...
High | Unreviewed | CVE-2022-22368 was published May 4, 2022

A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak...
High | Unreviewed | CVE-2012-2130 was published Apr 23, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
High | Unreviewed | CVE-2022-20677 was published Apr 16, 2022

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High | Unreviewed | CVE-2022-1252 was published Apr 12, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the...
High | Unreviewed | CVE-2022-0828 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API.