GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
184 advisories
Filter by severity
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker...
High
Unreviewed
CVE-2020-24925
was published
May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
High
Unreviewed
CVE-2020-13785
was published
May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector...
High
Unreviewed
CVE-2020-11877
was published
May 24, 2022
An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an...
High
Unreviewed
CVE-2020-9761
was published
May 24, 2022
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the...
High
Unreviewed
CVE-2019-20138
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High
Unreviewed
CVE-2019-8237
was published
May 24, 2022
IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2019-4175
was published
May 24, 2022
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is...
High
Unreviewed
CVE-2019-14332
was published
May 24, 2022
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure ...
High
Unreviewed
CVE-2019-10639
was published
May 24, 2022
IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected...
High
Unreviewed
CVE-2018-1608
was published
May 24, 2022
IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2018-2007
was published
May 24, 2022
Python Keyring does not securely initialize encryption cipher
High
CVE-2012-4571
was published
for
keyring
(pip)
May 17, 2022
IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a...
High
Unreviewed
CVE-2016-2879
was published
May 17, 2022
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently...
High
Unreviewed
CVE-2017-5999
was published
May 17, 2022
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and...
High
Unreviewed
CVE-2016-10102
was published
May 17, 2022
Due to a lack of standard encryption when transmitting sensitive information over the internet to...
High
Unreviewed
CVE-2017-5239
was published
May 17, 2022
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow...
High
Unreviewed
CVE-2016-2379
was published
May 17, 2022
OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK.
High
Unreviewed
CVE-2016-5056
was published
May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue...
High
Unreviewed
CVE-2017-2380
was published
May 17, 2022
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure...
High
Unreviewed
CVE-2017-1319
was published
May 17, 2022
IBM Tivoli Endpoint Manager uses weaker than expected cryptographic algorithms that could allow...
High
Unreviewed
CVE-2017-1224
was published
May 17, 2022
IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected...
High
Unreviewed
CVE-2017-1375
was published
May 17, 2022
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier...
High
Unreviewed
CVE-2012-6707
was published
May 17, 2022
Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows...
High
Unreviewed
CVE-2017-14797
was published
May 17, 2022
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600...
High
Unreviewed
CVE-2017-8174
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API