GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
178 advisories
Filter by severity
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate...
High
Unreviewed
CVE-2021-22212
was published
May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x...
High
Unreviewed
CVE-2020-26515
was published
May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20419
was published
May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High
Unreviewed
CVE-2021-27457
was published
May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in...
High
Unreviewed
CVE-2021-22309
was published
May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4831
was published
May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2...
High
Unreviewed
CVE-2020-35221
was published
May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is...
High
Unreviewed
CVE-2021-23839
was published
May 24, 2022
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to...
High
Unreviewed
CVE-2021-27211
was published
May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is...
High
Unreviewed
CVE-2020-25493
was published
May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored...
High
Unreviewed
CVE-2020-10554
was published
May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4898
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25230
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25232
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected...
High
Unreviewed
CVE-2020-4937
was published
May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4...
High
Unreviewed
CVE-2020-27653
was published
May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6...
High
Unreviewed
CVE-2020-27652
was published
May 24, 2022
BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an...
High
Unreviewed
CVE-2020-27611
was published
May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
High
Unreviewed
CVE-2019-9080
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-10927
was published
May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy...
High
Unreviewed
CVE-2020-7514
was published
May 24, 2022
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the...
High
Unreviewed
CVE-2019-20138
was published
May 24, 2022
wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, leading to fault injection in...
High
Unreviewed
CVE-2019-19962
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High
Unreviewed
CVE-2019-5163
was published
May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 uses weaker than expected...
High
Unreviewed
CVE-2019-4399
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API