Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

469 advisories

Loading
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an... Moderate Unreviewed
CVE-2021-20441 was published May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored... High Unreviewed
CVE-2020-10554 was published May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2... High Unreviewed
CVE-2020-35221 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4968 was published May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20419 was published May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default. Moderate Unreviewed
CVE-2021-25763 was published May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate... High Unreviewed
CVE-2021-22212 was published May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is... High Unreviewed
CVE-2020-25493 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)... Critical Unreviewed
CVE-2021-22738 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4831 was published May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20566 was published May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification... Critical Unreviewed
CVE-2021-20305 was published May 24, 2022
Command Injection in Apache James Moderate
CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit... Moderate Unreviewed
CVE-2007-6755 was published May 1, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-20379 was published May 24, 2022
Use of a weak cryptographic algorithm in Gradle Low
CVE-2019-16370 was published for org.gradle:gradle-core (Maven) May 24, 2022
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2021-20497 was published May 24, 2022
The ElGamal implementation in Botan through 2.18.1, as used in Thunderbird and other products,... Moderate Unreviewed
CVE-2021-40529 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call... Critical Unreviewed
CVE-2019-25052 was published May 24, 2022
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and... Critical Unreviewed
CVE-2020-36363 was published May 24, 2022
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2021-29704 was published May 24, 2022
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to retrieve passwords... Moderate Unreviewed
CVE-2021-33003 was published May 24, 2022
The ElGamal implementation in Crypto++ through 8.5 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40530 was published May 24, 2022
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database