GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
416 advisories
Filter by severity
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ...
High
Unreviewed
CVE-2019-13539
was published
May 24, 2022
Play Framework Inadequate Encryption Strength vulnerability
High
CVE-2019-17598
was published
for
com.typesafe.play:play-ws_2.12
(Maven)
May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2019-4339
was published
May 24, 2022
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This...
Moderate
Unreviewed
CVE-2019-9399
was published
May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2019-4256
was published
May 24, 2022
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38891
was published
May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash...
High
Unreviewed
CVE-2021-38979
was published
May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38983
was published
May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-38984
was published
May 24, 2022
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble...
Moderate
Unreviewed
CVE-2021-3789
was published
May 24, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the...
Low
Unreviewed
CVE-2020-14263
was published
May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption...
High
Unreviewed
CVE-2021-38464
was published
May 24, 2022
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-38862
was published
May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected...
High
Unreviewed
CVE-2021-38925
was published
May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are...
High
Unreviewed
CVE-2021-23855
was published
May 24, 2022
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number...
High
Unreviewed
CVE-2021-41829
was published
May 24, 2022
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component...
Moderate
Unreviewed
CVE-2021-41061
was published
May 24, 2022
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may...
High
Unreviewed
CVE-2021-31796
was published
May 24, 2022
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is...
Moderate
Unreviewed
CVE-2021-31797
was published
May 24, 2022
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1...
Moderate
Unreviewed
CVE-2021-31798
was published
May 24, 2022
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such...
Moderate
Unreviewed
CVE-2021-39272
was published
May 24, 2022
In SapphireIMS 4097_1, the password in the database is stored in Base64 format.
High
Unreviewed
CVE-2017-16632
was published
May 24, 2022
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted...
Moderate
Unreviewed
CVE-2021-37546
was published
May 24, 2022
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment...
Moderate
Unreviewed
CVE-2021-37540
was published
May 24, 2022
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.
Moderate
Unreviewed
CVE-2021-37551
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API