Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

165 advisories

Loading
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38983 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38984 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash... High Unreviewed
CVE-2021-38979 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption... High Unreviewed
CVE-2021-38464 was published May 24, 2022
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-38862 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected... High Unreviewed
CVE-2021-38925 was published May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are... High Unreviewed
CVE-2021-23855 was published May 24, 2022
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number... High Unreviewed
CVE-2021-41829 was published May 24, 2022
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may... High Unreviewed
CVE-2021-31796 was published May 24, 2022
In SapphireIMS 4097_1, the password in the database is stored in Base64 format. High Unreviewed
CVE-2017-16632 was published May 24, 2022
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net:... High Unreviewed
CVE-2021-32066 was published May 24, 2022
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected... High Unreviewed
CVE-2021-20337 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-20360 was published May 24, 2022
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which... High Unreviewed
CVE-2021-29794 was published May 24, 2022
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it... High Unreviewed
CVE-2021-34430 was published May 24, 2022
Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. High Unreviewed
CVE-2021-28213 was published May 24, 2022
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0... High Unreviewed
CVE-2020-15387 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed
CVE-2021-27457 was published May 24, 2022
Weak Encoding for Password in DoraCMS v2.1.1 and earlier allows attackers to obtain sensitive... High Unreviewed
CVE-2020-18220 was published May 24, 2022
Password generator feature in Kaspersky Password Manager was not completely cryptographically... High Unreviewed
CVE-2020-27020 was published May 24, 2022
In JetBrains WebStorm before 2021.1, HTTP requests were used instead of HTTPS. High Unreviewed
CVE-2021-31898 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-29694 was published May 24, 2022
IBM Jazz Team Server products use weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2020-4965 was published May 24, 2022
SSH server configuration file does not implement some best practices. This could lead to a... High Unreviewed
CVE-2021-27450 was published May 24, 2022
On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction... High Unreviewed
CVE-2019-18630 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database