Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

367 advisories

Loading
There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is... Moderate Unreviewed
CVE-2021-22356 was published Nov 24, 2021
A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS... Moderate Unreviewed
CVE-2021-32591 was published Dec 9, 2021
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... High Unreviewed
CVE-2021-39002 was published Dec 10, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed
CVE-2021-39058 was published Dec 14, 2021
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php. Critical Unreviewed
CVE-2021-42216 was published Dec 16, 2021
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption... High Unreviewed
CVE-2021-45451 was published Dec 22, 2021
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt... High Unreviewed
CVE-2021-45450 was published Dec 22, 2021
mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker... High Unreviewed
CVE-2021-43989 was published Dec 24, 2021
A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was... High Unreviewed
CVE-2017-2488 was published Dec 24, 2021
In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm. High Unreviewed
CVE-2021-45488 was published Dec 26, 2021
In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic... High Unreviewed
CVE-2021-45487 was published Dec 26, 2021
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an... High Unreviewed
CVE-2021-45485 was published Dec 26, 2021
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information... Moderate Unreviewed
CVE-2021-45486 was published Dec 26, 2021
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in... Moderate Unreviewed
CVE-2021-43550 was published Dec 28, 2021
The fingerprint module has a security risk of brute force cracking. Successful exploitation of... Moderate Unreviewed
CVE-2021-40006 was published Jan 11, 2022
IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38921 was published Jan 11, 2022
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than... Moderate Unreviewed
CVE-2022-22310 was published Jan 20, 2022
Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues... High Unreviewed
CVE-2021-33846 was published Jan 22, 2022
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies... Critical Unreviewed
CVE-2021-31562 was published Jan 22, 2022
The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to... High Unreviewed
CVE-2021-46559 was published Jan 27, 2022
Use of a Broken or Risky Cryptographic Algorithm in PostgreSQL High Unreviewed
CVE-2020-25694 was published Feb 15, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Moderate Unreviewed
CVE-2022-21800 was published Feb 19, 2022
An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol... Moderate Unreviewed
CVE-2021-45081 was published Feb 21, 2022
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method... High Unreviewed
CVE-2020-36516 was published Feb 27, 2022
Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar... Moderate Unreviewed
CVE-2022-0377 was published Mar 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database