GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,726
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,003
Maven 5,192
npm 3,714
NuGet 661
pip 3,387
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,543

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

174 advisories

Filter by severity

Sort by

Least recently updated

The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed

CVE-2020-27184 was published May 24, 2022

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed

CVE-2021-31615 was published May 24, 2022

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed

CVE-2021-37587 was published May 24, 2022

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed

CVE-2021-37551 was published May 24, 2022

All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs and XG5000 PLC programming... Moderate Unreviewed

CVE-2022-2758 was published Sep 1, 2022

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed

CVE-2021-37546 was published May 24, 2022

The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1... Moderate Unreviewed

CVE-2021-31798 was published May 24, 2022

In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component... Moderate Unreviewed

CVE-2021-41061 was published May 24, 2022

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses encryption method... Moderate Unreviewed

CVE-2022-41209 was published Oct 12, 2022

An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and... Moderate Unreviewed

CVE-2017-2391 was published May 17, 2022

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2017-1179 was published May 17, 2022

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the... Moderate Unreviewed

CVE-2016-10104 was published May 17, 2022

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the... Moderate Unreviewed

CVE-2022-34826 was published Jul 16, 2022

IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,... Moderate Unreviewed

CVE-2016-3034 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue... Moderate Unreviewed

CVE-2016-4685 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8085 was published May 17, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8086 was published May 17, 2022

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through... Moderate Unreviewed

CVE-2020-16235 was published May 20, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4339 was published May 24, 2022

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values... Moderate Unreviewed

CVE-2019-10638 was published May 24, 2022

In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted in memory. Upon a crash, it... Moderate Unreviewed

CVE-2019-15947 was published May 24, 2022

In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub... Moderate Unreviewed

CVE-2019-14664 was published May 24, 2022

The Infinite Design application 3.4.12 for Android sends a username and password via TCP without... Moderate Unreviewed

CVE-2019-17356 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

174 advisories