Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

416 advisories

Loading
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... High Unreviewed
CVE-2019-13539 was published May 24, 2022
Play Framework Inadequate Encryption Strength vulnerability High
CVE-2019-17598 was published for com.typesafe.play:play-ws_2.12 (Maven) May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2019-4339 was published May 24, 2022
The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This... Moderate Unreviewed
CVE-2019-9399 was published May 24, 2022
IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2019-4256 was published May 24, 2022
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38891 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash... High Unreviewed
CVE-2021-38979 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38983 was published May 24, 2022
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-38984 was published May 24, 2022
An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble... Moderate Unreviewed
CVE-2021-3789 was published May 24, 2022
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the... Low Unreviewed
CVE-2020-14263 was published May 24, 2022
InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have inadequate encryption... High Unreviewed
CVE-2021-38464 was published May 24, 2022
IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-38862 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected... High Unreviewed
CVE-2021-38925 was published May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are... High Unreviewed
CVE-2021-23855 was published May 24, 2022
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number... High Unreviewed
CVE-2021-41829 was published May 24, 2022
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component... Moderate Unreviewed
CVE-2021-41061 was published May 24, 2022
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may... High Unreviewed
CVE-2021-31796 was published May 24, 2022
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is... Moderate Unreviewed
CVE-2021-31797 was published May 24, 2022
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1... Moderate Unreviewed
CVE-2021-31798 was published May 24, 2022
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed
CVE-2021-39272 was published May 24, 2022
In SapphireIMS 4097_1, the password in the database is stored in Base64 format. High Unreviewed
CVE-2017-16632 was published May 24, 2022
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed
CVE-2021-37546 was published May 24, 2022
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment... Moderate Unreviewed
CVE-2021-37540 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed
CVE-2021-37551 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database