GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier...
High
Unreviewed
CVE-2013-4508
was published
May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected...
High
Unreviewed
CVE-2016-5919
was published
May 13, 2022
The application was signed using a key length less than or equal to 1024 bits, making it...
High
Unreviewed
CVE-2020-4099
was published
Nov 1, 2022
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm...
High
Unreviewed
CVE-2018-15796
was published
May 13, 2022
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are...
High
Unreviewed
CVE-2018-18767
was published
May 13, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2021-20400
was published
Dec 2, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38947
was published
Dec 14, 2021
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on...
High
Unreviewed
CVE-2019-7648
was published
May 13, 2022
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x...
High
Unreviewed
CVE-2013-0764
was published
May 13, 2022
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows...
High
Unreviewed
CVE-2017-17543
was published
May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker...
High
Unreviewed
CVE-2018-1814
was published
May 13, 2022
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2018-1751
was published
May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports...
High
Unreviewed
CVE-2018-1946
was published
May 13, 2022
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1...
High
Unreviewed
CVE-2018-1665
was published
May 13, 2022
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2017-1695
was published
May 13, 2022
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected...
High
Unreviewed
CVE-2017-1366
was published
May 13, 2022
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account...
High
Unreviewed
CVE-2017-14262
was published
May 13, 2022
System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with...
High
Unreviewed
CVE-2018-6635
was published
May 13, 2022
On specific devices, there is a possible bypass of configuration integrity due to improperly used...
High
Unreviewed
CVE-2022-20374
was published
Aug 12, 2022
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2019-4175
was published
May 24, 2022
Using remote content in encrypted messages can lead to the disclosure of plaintext. This...
High
Unreviewed
CVE-2018-5184
was published
May 14, 2022
Play Framework Inadequate Encryption Strength vulnerability
High
CVE-2019-17598
was published
for
com.typesafe.play:play-ws_2.12
(Maven)
May 24, 2022
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining...
High
Unreviewed
CVE-2013-7469
was published
May 14, 2022
IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2018-1648
was published
May 14, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption...
High
Unreviewed
CVE-2017-13699
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API