GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
438 advisories
Filter by severity
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4831
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)...
Critical
Unreviewed
CVE-2021-22738
was published
May 24, 2022
Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is...
High
Unreviewed
CVE-2020-25493
was published
May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate...
High
Unreviewed
CVE-2021-22212
was published
May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
Moderate
Unreviewed
CVE-2021-25763
was published
May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2021-20419
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4968
was published
May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2...
High
Unreviewed
CVE-2020-35221
was published
May 24, 2022
An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored...
High
Unreviewed
CVE-2020-10554
was published
May 24, 2022
IBM Security Verify Bridge uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2021-20441
was published
May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote...
Moderate
Unreviewed
CVE-2020-29536
was published
May 24, 2022
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2020-4624
was published
May 24, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22461
was published
Dec 22, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications...
Moderate
Unreviewed
CVE-2020-20950
was published
May 24, 2022
IBM Emptoris Strategic Supply Management 10.1.3 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2020-4898
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
Low
Unreviewed
CVE-2020-23250
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25230
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High
Unreviewed
CVE-2020-25232
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected...
High
Unreviewed
CVE-2020-4937
was published
May 24, 2022
Untangle Firewall NG before 16.0 uses MD5 for passwords.
Moderate
Unreviewed
CVE-2020-17494
was published
May 24, 2022
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
High
Unreviewed
CVE-2019-9080
was published
May 24, 2022
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of...
Moderate
Unreviewed
CVE-2020-24619
was published
May 24, 2022
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,...
Critical
Unreviewed
CVE-2020-14517
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2020-10927
was published
May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended...
Moderate
Unreviewed
CVE-2020-12402
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API