GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
438 advisories
Laravel Framework XSS in Blade templating engine
Moderate | CVE-2021-43808 was published for illuminate/view (Composer) Dec 8, 2021

A missing cryptographic steps vulnerability in the function that encrypts users' LDAP and RADIUS...
Moderate | Unreviewed | CVE-2021-32591 was published Dec 9, 2021

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
High | Unreviewed | CVE-2021-39002 was published Dec 10, 2021

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic...
High | Unreviewed | CVE-2021-39058 was published Dec 14, 2021

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
Critical | Unreviewed | CVE-2021-42216 was published Dec 16, 2021

In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption...
High | Unreviewed | CVE-2021-45451 was published Dec 22, 2021

In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt...
High | Unreviewed | CVE-2021-45450 was published Dec 22, 2021

mySCADA myPRO Versions 8.20.0 and prior stores passwords using MD5, which may allow an attacker...
High | Unreviewed | CVE-2021-43989 was published Dec 24, 2021

A cryptographic weakness existed in the authentication protocol of Remote Desktop. This issue was...
High | Unreviewed | CVE-2017-2488 was published Dec 24, 2021

In the IPv4 implementation in the Linux kernel before 5.12.4, net/ipv4/route.c has an information...
Moderate | Unreviewed | CVE-2021-45486 was published Dec 26, 2021

In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an...
High | Unreviewed | CVE-2021-45485 was published Dec 26, 2021

In NetBSD through 9.2, there is an information leak in the TCP ISN (ISS) generation algorithm.
High | Unreviewed | CVE-2021-45488 was published Dec 26, 2021

In NetBSD through 9.2, the IPv4 ID generation algorithm does not use appropriate cryptographic...
High | Unreviewed | CVE-2021-45487 was published Dec 26, 2021

The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in...
Moderate | Unreviewed | CVE-2021-43550 was published Dec 28, 2021

Inadequate Encryption Strength in Apache NiFi
High | CVE-2020-9491 was published for org.apache.nifi:nifi (Maven) Jan 6, 2022

Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy
High | CVE-2021-42583 was published for github.com/foxcpp/maddy (Go) Jan 6, 2022

Command Injection in Apache James
Moderate | CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022

The fingerprint module has a security risk of brute force cracking. Successful exploitation of...
Moderate | Unreviewed | CVE-2021-40006 was published Jan 11, 2022

IBM Security Verify 10.0.0, 10.0.1.0, and 10.0.2.0 uses weaker than expected cryptographic...
High | Unreviewed | CVE-2021-38921 was published Jan 11, 2022

IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than...
Moderate | Unreviewed | CVE-2022-22310 was published Jan 20, 2022

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies...
Critical | Unreviewed | CVE-2021-31562 was published Jan 22, 2022

Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 issues...
High | Unreviewed | CVE-2021-33846 was published Jan 22, 2022

The firmware on Moxa TN-5900 devices through 3.1 has a weak algorithm that allows an attacker to...
High | Unreviewed | CVE-2021-46559 was published Jan 27, 2022

In-band key negotiation issue in AWS S3 Crypto SDK for golang
Low | CVE-2020-8912 was published for github.com/aws/aws-sdk-go (Go) Feb 11, 2022