GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,945

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

177 advisories

Filter by severity

Sort by

Least recently updated

There is a weak secure algorithm vulnerability in Huawei products. A weak secure algorithm is... Moderate Unreviewed

CVE-2021-22356 was published Nov 24, 2021

A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS... Moderate Unreviewed

CVE-2021-32591 was published Dec 9, 2021

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information... Moderate Unreviewed

CVE-2021-45486 was published Dec 26, 2021

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in... Moderate Unreviewed

CVE-2021-43550 was published Dec 28, 2021

The fingerprint module has a security risk of brute force cracking. Successful exploitation of... Moderate Unreviewed

CVE-2021-40006 was published Jan 11, 2022

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than... Moderate Unreviewed

CVE-2022-22310 was published Jan 20, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Moderate Unreviewed

CVE-2022-21800 was published Feb 19, 2022

An issue was discovered in Cobbler through 3.3.1. Routines in several files use the HTTP protocol... Moderate Unreviewed

CVE-2021-45081 was published Feb 21, 2022

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar... Moderate Unreviewed

CVE-2022-0377 was published Mar 1, 2022

A risky-algorithm issue was discovered on Fujifilm DocuCentre-VI C4471 1.8 devices. An attacker... Moderate Unreviewed

CVE-2021-43774 was published Mar 4, 2022

A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel... Moderate Unreviewed

CVE-2021-32593 was published Apr 7, 2022

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG)... Moderate Unreviewed

CVE-2022-20805 was published Apr 22, 2022

Information from SSL-encrypted sessions via PKCS #1. Moderate Unreviewed

CVE-1999-0007 was published Apr 30, 2022

TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,... Moderate Unreviewed

CVE-2002-2058 was published Apr 30, 2022

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead... Moderate Unreviewed

CVE-2005-2946 was published May 1, 2022

Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the... Moderate Unreviewed

CVE-2005-4860 was published May 1, 2022

Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,... Moderate Unreviewed

CVE-2007-6013 was published May 1, 2022

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit... Moderate Unreviewed

CVE-2007-6755 was published May 1, 2022

libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5... Moderate Unreviewed

CVE-2008-3188 was published May 1, 2022

The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,... Moderate Unreviewed

CVE-2009-2273 was published May 2, 2022

The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C... Moderate Unreviewed

CVE-2013-2213 was published May 5, 2022

In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and... Moderate Unreviewed

CVE-2013-1053 was published May 5, 2022

In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to... Moderate Unreviewed

CVE-2022-20117 was published May 11, 2022

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x... Moderate Unreviewed

CVE-2018-11057 was published May 13, 2022

Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication... Moderate Unreviewed

CVE-2019-7006 was published May 13, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

177 advisories