Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

192 advisories

Loading
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted... High Unreviewed
CVE-2022-24318 was published Feb 11, 2022
Use of Hard-coded Credentials in Apache Kylin High
CVE-2021-45458 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient protections for the UART... High Unreviewed
CVE-2021-20161 was published Dec 31, 2021
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user... High Unreviewed
CVE-2021-24998 was published Dec 28, 2021
In NetBSD through 9.2, the IPv6 fragment ID generation algorithm employs a weak cryptographic PRNG. High Unreviewed
CVE-2021-45484 was published Dec 26, 2021
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols... High Unreviewed
CVE-2021-36337 was published Dec 22, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38947 was published Dec 14, 2021
An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker... High Unreviewed
CVE-2021-37188 was published Dec 11, 2021
Assuming a database breach, nonce reuse issues in GitLab 11.6+ allows an attacker to decrypt some... High Unreviewed
CVE-2021-22170 was published Dec 7, 2021
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-20400 was published Dec 2, 2021
Improper hashing in enrocrypt High
CVE-2021-39182 was published for enrocrypt (pip) Nov 10, 2021
RSA weakness in tslite-ng High
CVE-2020-26263 was published for tlslite-ng (pip) Dec 21, 2020
tomato42
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-15811 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
Inadequate Encryption Strength in DotNetNuke High
CVE-2018-18325 was published for DotNetNuke.Core (NuGet) Jul 5, 2019
In Bouncy Castle JCE Provider the ECIES implementation allowed the use of ECB mode High
CVE-2016-1000352 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2018
Pycrypto generates weak key parameters High
CVE-2018-6594 was published for pycrypto (pip) Jul 12, 2018
OpenSSL gem for Ruby using inadequate encryption strength High
CVE-2016-7798 was published for openssl (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database