GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
206 advisories
Filter by severity
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for...
Moderate
Unreviewed
CVE-2021-31352
was published
May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists where weak...
Moderate
Unreviewed
CVE-2022-34757
was published
Jul 14, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
The Emerson DeltaV Distributed Control System (DCS) controllers and IO cards through 2022-04-29...
Moderate
Unreviewed
CVE-2022-29965
was published
Jul 27, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm...
Moderate
Unreviewed
CVE-2022-30320
was published
Jul 29, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering...
Moderate
Unreviewed
CVE-2022-29959
was published
Aug 17, 2022
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the...
Moderate
Unreviewed
CVE-2021-3979
was published
Aug 26, 2022
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An...
Moderate
Unreviewed
CVE-2022-29835
was published
Sep 20, 2022
SIF's Digital Signature Hash Algorithms Not Validated
Moderate
CVE-2022-39237
was published
for
github.com/sylabs/sif/v2
(Go)
Oct 6, 2022
SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2, does not apply a key derivation...
Moderate
Unreviewed
CVE-2022-45195
was published
Nov 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a...
Moderate
Unreviewed
CVE-2022-27581
was published
Dec 13, 2022
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an...
Moderate
Unreviewed
CVE-2022-46140
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46833
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version < 2.21 allows a...
Moderate
Unreviewed
CVE-2022-46832
was published
Dec 13, 2022
Use of a Broken or Risky Cryptographic Algorithm in SICK RFU65x firmware version < v2.21 allows a...
Moderate
Unreviewed
CVE-2022-46834
was published
Dec 13, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-4610
was published
Dec 19, 2022
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing...
Moderate
Unreviewed
CVE-2022-20513
was published
Dec 20, 2022
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Moderate
CVE-2022-23540
was published
for
jsonwebtoken
(npm)
Dec 22, 2022
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum...
Moderate
Unreviewed
CVE-2021-36647
was published
Jan 17, 2023
The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health...
Moderate
Unreviewed
CVE-2023-0296
was published
Jan 17, 2023
All versions of Econolite EOS traffic control software are vulnerable to CWE-328: Use of Weak...
Moderate
Unreviewed
CVE-2023-0452
was published
Jan 26, 2023
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker...
Moderate
Unreviewed
CVE-2022-35720
was published
Feb 8, 2023
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote...
Moderate
Unreviewed
CVE-2022-22564
was published
Feb 14, 2023
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm...
Moderate
Unreviewed
CVE-2023-23695
was published
Feb 17, 2023
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can...
Moderate
Unreviewed
CVE-2022-45170
was published
Apr 14, 2023
ProTip!
Advisories are also available from the
GraphQL API