Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,764
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

436 advisories

Loading
Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password"... Low Unreviewed
CVE-2002-1946 was published Apr 30, 2022
Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password... Low Unreviewed
CVE-2002-1975 was published Apr 30, 2022
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher... Moderate Unreviewed
CVE-2005-0366 was published May 1, 2022
WebEOC before 6.0.2 uses a weak encryption scheme for passwords, which makes it easier for... Moderate Unreviewed
CVE-2005-2281 was published May 1, 2022
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to... Moderate Unreviewed
CVE-2005-4900 was published May 1, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5... Moderate Unreviewed
CVE-2008-3188 was published May 1, 2022
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in... Moderate Unreviewed
CVE-2009-2474 was published May 2, 2022
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2022-22368 was published May 4, 2022
Inadequate Encryption Strength vulnerability in TLS stack of Secomea SiteManager, LinkManager,... High Unreviewed
CVE-2021-32010 was published May 5, 2022
Zabbix before 5.0 represents passwords in the users table with unsalted MD5. Moderate Unreviewed
CVE-2013-7484 was published May 5, 2022
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm Moderate Unreviewed
CVE-2013-7286 was published May 5, 2022
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks High Unreviewed
CVE-2021-27761 was published May 7, 2022
Brocade SANnav before SANnav 2.2.0 application uses the Blowfish symmetric encryption algorithm... Moderate Unreviewed
CVE-2022-28164 was published May 7, 2022
An information disclosure vulnerability exists in the router configuration export functionality... Moderate Unreviewed
CVE-2022-26020 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1545 was published May 13, 2022
IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected... High Unreviewed
CVE-2018-1785 was published May 13, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict... High Unreviewed
CVE-2014-0224 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch... Moderate Unreviewed
CVE-2017-5160 was published May 13, 2022
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet... Moderate Unreviewed
CVE-2011-3389 was published May 13, 2022
Moxa MGate MB3180 before 1.8, MGate MB3280 before 2.7, MGate MB3480 before 2.6, MGate MB3170... Critical Unreviewed
CVE-2016-5804 was published May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... Moderate Unreviewed
CVE-2018-4839 was published May 13, 2022
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static... Low Unreviewed
CVE-2018-17177 was published May 13, 2022
Inadequate Encryption Strength in Apache CXF Moderate
CVE-2012-5575 was published for org.apache.cxf:cxf-rt-transports-http (Maven) May 13, 2022
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity... High Unreviewed
CVE-2018-9028 was published May 13, 2022
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier... High Unreviewed
CVE-2013-4508 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database