GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
438 advisories
Filter by severity
In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information...
Moderate
Unreviewed
CVE-2021-45486
was published
Dec 26, 2021
The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation...
High
Unreviewed
CVE-2022-29566
was published
Apr 22, 2022
IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-39076
was published
Apr 20, 2022
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm...
High
Unreviewed
CVE-2022-22559
was published
Apr 13, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote...
Critical
Unreviewed
CVE-2022-26854
was published
Apr 9, 2022
A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel...
Moderate
Unreviewed
CVE-2021-32593
was published
Apr 7, 2022
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and...
High
Unreviewed
CVE-2021-33018
was published
Apr 3, 2022
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22327
was published
Apr 2, 2022
Ciphertext Malleability Issue in Tink Java
Low
CVE-2020-8929
was published
for
com.google.crypto.tink:tink
(Maven)
Oct 16, 2020
Unauthenticated Remote Code Execution in Apache JMeter
Critical
CVE-2019-0187
was published
for
org.apache.jmeter:ApacheJMeter
(Maven)
Mar 7, 2019
Insecure Cryptography Algorithm in parsel
Critical
GHSA-wqgx-4q47-j2w5
was published
for
parsel
(npm)
Sep 4, 2020
Password Hashing: Do not use MD5
Low
CVE-2020-5229
was published
for
org.opencastproject:opencast-common-jpa-impl
(Maven)
Jan 30, 2020
Unauthenticated crypto and weak IV in Magento\Framework\Encryption
High
CVE-2016-6485
was published
for
magento/community-edition
(Composer)
Nov 20, 2019
ProTip!
Advisories are also available from the
GraphQL API