GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,784

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

382 advisories

Filter by severity

Sort by

Least recently updated

yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by... Low Unreviewed

CVE-2020-12872 was published May 24, 2022

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... High Unreviewed

CVE-2021-37188 was published Dec 11, 2021

Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some... High Unreviewed

CVE-2021-22170 was published Dec 7, 2021

An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02... High Unreviewed

CVE-2021-32945 was published Apr 3, 2022

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who... High Unreviewed

CVE-2021-45104 was published Apr 7, 2022

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART... High Unreviewed

CVE-2021-20161 was published Dec 31, 2021

Dell PowerScale OneFS 8.1.0 - 9.1.0 contains an LDAP Provider inability to connect over TLSv1.2... Critical Unreviewed

CVE-2020-26197 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic... High Unreviewed

CVE-2021-29694 was published May 24, 2022

The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed

CVE-2020-27184 was published May 24, 2022

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed

CVE-2021-31615 was published May 24, 2022

In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic... Critical Unreviewed

CVE-2021-27200 was published May 24, 2022

Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. High Unreviewed

CVE-2021-28213 was published May 24, 2022

IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow... High Unreviewed

CVE-2020-4965 was published May 24, 2022

A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4... Critical Unreviewed

CVE-2021-24020 was published May 24, 2022

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed

CVE-2021-37587 was published May 24, 2022

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed

CVE-2021-37551 was published May 24, 2022

IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which... High Unreviewed

CVE-2021-29794 was published May 24, 2022

"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the... Low Unreviewed

CVE-2020-14263 was published May 24, 2022

All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs and XG5000 PLC programming... Moderate Unreviewed

CVE-2022-2758 was published Sep 1, 2022

An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may... High Unreviewed

CVE-2021-31796 was published May 24, 2022

Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number... High Unreviewed

CVE-2021-41829 was published May 24, 2022

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed

CVE-2021-37546 was published May 24, 2022

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected... High Unreviewed

CVE-2021-20337 was published May 24, 2022

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1... Moderate Unreviewed

CVE-2021-31798 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash... High Unreviewed

CVE-2021-38979 was published May 24, 2022

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

382 advisories