GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,757

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

384 advisories

Filter by severity

Sort by

Least recently updated

IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed

CVE-2021-20400 was published Dec 2, 2021

Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some... High Unreviewed

CVE-2021-22170 was published Dec 7, 2021

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... High Unreviewed

CVE-2021-37188 was published Dec 11, 2021

IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed

CVE-2021-38947 was published Dec 14, 2021

Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols... High Unreviewed

CVE-2021-36337 was published Dec 22, 2021

In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. High Unreviewed

CVE-2021-45484 was published Dec 26, 2021

Certain NETGEAR devices are affected by weak cryptography. This affects D7000v2 before 1.0.0.62,... Critical Unreviewed

CVE-2021-45512 was published Dec 27, 2021

The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user... High Unreviewed

CVE-2021-24998 was published Dec 28, 2021

Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART... High Unreviewed

CVE-2021-20161 was published Dec 31, 2021

The fingerprint module has a security risk of brute force cracking. Successful exploitation of... Moderate Unreviewed

CVE-2021-40006 was published Jan 11, 2022

A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted... High Unreviewed

CVE-2022-24318 was published Feb 11, 2022

Inadequate Encryption Strength and Algorithm Downgrade in Wildfly Moderate Unreviewed

CVE-2019-14887 was published Feb 15, 2022

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,... High Unreviewed

CVE-2021-26726 was published Feb 17, 2022

IBM Maximo Anywhere 7.6.4.0 could allow an attacker to reverse engineer the application due to... Moderate Unreviewed

CVE-2019-4291 was published Feb 17, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Moderate Unreviewed

CVE-2022-21800 was published Feb 19, 2022

The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may... High Unreviewed

CVE-2020-14481 was published Feb 25, 2022

Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4... High Unreviewed

CVE-2020-10636 was published Feb 25, 2022

Argus Surveillance DVR v4.0 employs weak password encryption. Moderate Unreviewed

CVE-2022-25012 was published Mar 3, 2022

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed

CVE-2021-37209 was published Mar 9, 2022

An attacker could decipher the encryption and gain access to MDT AutoSave versions prior to v6.02... High Unreviewed

CVE-2021-32945 was published Apr 3, 2022

An issue was discovered in HTCondor 9.0.x before 9.0.10 and 9.1.x before 9.5.1. An attacker who... High Unreviewed

CVE-2021-45104 was published Apr 7, 2022

The Download Manager WordPress plugin before 3.2.39 uses the uniqid php function to generate the... High Unreviewed

CVE-2022-0828 was published Apr 12, 2022

Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard... High Unreviewed

CVE-2022-1252 was published Apr 12, 2022

Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed

CVE-2022-20677 was published Apr 16, 2022

Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local... Moderate Unreviewed

CVE-2022-1318 was published Apr 21, 2022

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

384 advisories