GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
421 advisories
Filter by severity
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
High
Unreviewed
CVE-2020-13785
was published
May 24, 2022
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in...
Moderate
Unreviewed
CVE-2009-2474
was published
May 2, 2022
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is...
High
Unreviewed
CVE-2022-38659
was published
Dec 19, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2022-22368
was published
May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,...
High
Unreviewed
CVE-2021-32010
was published
May 5, 2022
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm
Moderate
Unreviewed
CVE-2013-7286
was published
May 5, 2022
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
High
CVE-2022-3273
was published
for
rdiffweb
(pip)
Oct 6, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
High
Unreviewed
CVE-2021-27761
was published
May 7, 2022
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm...
Moderate
Unreviewed
CVE-2022-28164
was published
May 7, 2022
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-18325
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke
High
CVE-2018-15811
was published
for
DotNetNuke.Core
(NuGet)
Jul 5, 2019
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1785
was published
May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected...
High
Unreviewed
CVE-2018-1545
was published
May 13, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict...
High
Unreviewed
CVE-2014-0224
was published
May 13, 2022
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch...
Moderate
Unreviewed
CVE-2017-5160
was published
May 13, 2022
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170...
Critical
Unreviewed
CVE-2016-5804
was published
May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3...
Moderate
Unreviewed
CVE-2018-4839
was published
May 13, 2022
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static...
Low
Unreviewed
CVE-2018-17177
was published
May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity...
High
Unreviewed
CVE-2018-9028
was published
May 13, 2022
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier...
High
Unreviewed
CVE-2013-4508
was published
May 13, 2022
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,...
Moderate
Unreviewed
CVE-2013-2566
was published
May 13, 2022
IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2016-3019
was published
May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected...
High
Unreviewed
CVE-2016-5919
was published
May 13, 2022
The application was signed using a key length less than or equal to 1024 bits, making it...
High
Unreviewed
CVE-2020-4099
was published
Nov 1, 2022
Inadequate Encryption Strength and Algorithm Downgrade in Wildfly
Moderate
Unreviewed
CVE-2019-14887
was published
Feb 15, 2022
ProTip!
Advisories are also available from the
GraphQL API