Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

190 advisories

Loading
The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc.... Moderate Unreviewed
CVE-2017-5535 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9645 was published May 13, 2022
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS... Moderate Unreviewed
CVE-2018-0131 was published May 13, 2022
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is... Moderate Unreviewed
CVE-2018-19001 was published May 13, 2022
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability... Moderate Unreviewed
CVE-2018-1518 was published May 13, 2022
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due... Moderate Unreviewed
CVE-2018-1593 was published May 13, 2022
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2018-1925 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100... Moderate Unreviewed
CVE-2018-5461 was published May 13, 2022
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,... Moderate Unreviewed
CVE-2014-1491 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6... Moderate Unreviewed
CVE-2018-1466 was published May 13, 2022
IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2016-3019 was published May 13, 2022
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,... Moderate Unreviewed
CVE-2013-2566 was published May 13, 2022
Inadequate Encryption Strength in Apache CXF Moderate
CVE-2012-5575 was published for org.apache.cxf:cxf-rt-transports-http (Maven) May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... Moderate Unreviewed
CVE-2018-4839 was published May 13, 2022
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet... Moderate Unreviewed
CVE-2011-3389 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch... Moderate Unreviewed
CVE-2017-5160 was published May 13, 2022
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm... Moderate Unreviewed
CVE-2022-28164 was published May 7, 2022
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm Moderate Unreviewed
CVE-2013-7286 was published May 5, 2022
Zabbix before 5.0 represents passwords in the users table with unsalted MD5. Moderate Unreviewed
CVE-2013-7484 was published May 5, 2022
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in... Moderate Unreviewed
CVE-2009-2474 was published May 2, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5... Moderate Unreviewed
CVE-2008-3188 was published May 1, 2022
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to... Moderate Unreviewed
CVE-2005-4900 was published May 1, 2022
WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for... Moderate Unreviewed
CVE-2005-2281 was published May 1, 2022
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher... Moderate Unreviewed
CVE-2005-0366 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database