GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
373 advisories
Filter by severity
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and...
Critical
Unreviewed
CVE-2020-36363
was published
May 24, 2022
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2....
Critical
Unreviewed
CVE-2021-31556
was published
May 24, 2022
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call...
Critical
Unreviewed
CVE-2019-25052
was published
May 24, 2022
Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query...
Moderate
Unreviewed
CVE-2021-37606
was published
May 24, 2022
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported...
High
Unreviewed
CVE-2021-2351
was published
May 24, 2022
The combination of various cryptographic issues in the session management of FortiMail 6.4.0...
High
Unreviewed
CVE-2021-26095
was published
May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated...
Low
Unreviewed
CVE-2021-34688
was published
May 24, 2022
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2021-20497
was published
May 24, 2022
Missing cryptographic steps in the Identity-Based Encryption service of FortiMail before 7.0.0...
Moderate
Unreviewed
CVE-2021-26099
was published
May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20379
was published
May 24, 2022
An attacker may perform a DoS attack to prevent a user from sending encrypted email to a...
Moderate
Unreviewed
CVE-2021-23993
was published
May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20566
was published
May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate...
High
Unreviewed
CVE-2021-22212
was published
May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x...
High
Unreviewed
CVE-2020-26515
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)...
Critical
Unreviewed
CVE-2021-22738
was published
May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20419
was published
May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High
Unreviewed
CVE-2021-27457
was published
May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired...
Moderate
Unreviewed
CVE-2020-24588
was published
May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired...
Moderate
Unreviewed
CVE-2020-24587
was published
May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification...
Critical
Unreviewed
CVE-2021-20305
was published
May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms...
Moderate
Unreviewed
CVE-2021-3446
was published
May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in...
High
Unreviewed
CVE-2021-22309
was published
May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4831
was published
May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2...
High
Unreviewed
CVE-2020-35221
was published
May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2021-20441
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API