Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

191 advisories

Loading
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed
CVE-2019-14664 was published May 24, 2022
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values... Moderate Unreviewed
CVE-2019-10638 was published May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.0 uses... Moderate Unreviewed
CVE-2019-4102 was published May 24, 2022
IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4151 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm in XWiki Crypto API Moderate
CVE-2022-29161 was published for org.xwiki.platform:xwiki-platform-crypto (Maven) May 24, 2022
Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through... Moderate Unreviewed
CVE-2020-16235 was published May 20, 2022
Beaker Sensitive Information Disclosure vulnerability Moderate
CVE-2012-3458 was published for beaker (pip) May 17, 2022
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed
CVE-2015-8086 was published May 17, 2022
Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed
CVE-2015-8085 was published May 17, 2022
IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,... Moderate Unreviewed
CVE-2016-3034 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue... Moderate Unreviewed
CVE-2016-4685 was published May 17, 2022
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the... Moderate Unreviewed
CVE-2016-10104 was published May 17, 2022
IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2017-1179 was published May 17, 2022
An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and... Moderate Unreviewed
CVE-2017-2391 was published May 17, 2022
SimpleSAMLphp Incorrect IV generation for encryption Moderate
CVE-2017-12871 was published for simplesamlphp/simplesamlphp (Composer) May 17, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2017-1664 was published May 14, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2018-1425 was published May 14, 2022
IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for... Moderate Unreviewed
CVE-2015-4953 was published May 14, 2022
IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash... Moderate Unreviewed
CVE-2014-0841 was published May 14, 2022
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the... Moderate Unreviewed
CVE-2016-6225 was published May 14, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2017-1665 was published May 14, 2022
comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL... Moderate Unreviewed
CVE-2018-6653 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue... Moderate Unreviewed
CVE-2017-2399 was published May 13, 2022
IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2017-1713 was published May 13, 2022
Inadequate Encryption Strength in Jenkins Moderate
CVE-2017-2598 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database