Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,462
Erlang
33
GitHub Actions
22
Go
2,159
Maven
5,000+
npm
3,820
NuGet
696
pip
3,502
Pub
12
RubyGems
903
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

437 advisories

Loading
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,... Moderate Unreviewed
CVE-2013-2566 was published May 13, 2022
IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2016-3019 was published May 13, 2022
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected... High Unreviewed
CVE-2016-5919 was published May 13, 2022
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2... Critical Unreviewed
CVE-2017-11317 was published May 13, 2022
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm... High Unreviewed
CVE-2018-15796 was published May 13, 2022
An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are... High Unreviewed
CVE-2018-18767 was published May 13, 2022
Airsonic 10.2.1 uses Spring's default remember-me mechanism based on MD5, with a fixed key of... Critical Unreviewed
CVE-2019-10907 was published May 13, 2022
controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on... High Unreviewed
CVE-2019-7648 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6... Moderate Unreviewed
CVE-2018-1466 was published May 13, 2022
A vulnerability in the identity management service of Cisco Digital Network Architecture (DNA)... Critical Unreviewed
CVE-2018-0448 was published May 13, 2022
The nsSOCKSSocketInfo::ConnectToProxy function in Mozilla Firefox before 18.0, Firefox ESR 17.x... High Unreviewed
CVE-2013-0764 was published May 13, 2022
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0,... Moderate Unreviewed
CVE-2014-1491 was published May 13, 2022
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows... High Unreviewed
CVE-2017-17543 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100... Moderate Unreviewed
CVE-2018-5461 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance supports... High Unreviewed
CVE-2018-1946 was published May 13, 2022
IBM WebShere MQ 9.1.0.0, 9.1.0.1, 9.1.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2018-1925 was published May 13, 2022
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker... High Unreviewed
CVE-2018-1814 was published May 13, 2022
IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2 uses weaker than expected cryptographic... High Unreviewed
CVE-2018-1751 was published May 13, 2022
IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1... High Unreviewed
CVE-2018-1665 was published May 13, 2022
IBM Multi-Cloud Data Encryption (MDE) 2.1 could allow an unauthorized user to manipulate data due... Moderate Unreviewed
CVE-2018-1593 was published May 13, 2022
IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability... Moderate Unreviewed
CVE-2018-1518 was published May 13, 2022
Philips HealthSuite Health Android App, all versions. The software uses simple encryption that is... Moderate Unreviewed
CVE-2018-19001 was published May 13, 2022
A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS... Moderate Unreviewed
CVE-2018-0131 was published May 13, 2022
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges.... Low Unreviewed
CVE-2017-9635 was published May 13, 2022
An Inadequate Encryption Strength issue was discovered in Mirion Technologies DMC 3000... Moderate Unreviewed
CVE-2017-9645 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database