GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
41 advisories
Insecure Cryptography Algorithm in parsel
Critical | GHSA-wqgx-4q47-j2w5 was published for parsel (npm) Sep 4, 2020

Unauthenticated Remote Code Execution in Apache JMeter
Critical | CVE-2019-0187 was published for org.apache.jmeter:ApacheJMeter (Maven) Mar 7, 2019

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote...
Critical | Unreviewed | CVE-2022-26854 was published Apr 9, 2022

An exploitable information disclosure vulnerability exists in the Weave PASE pairing...
Critical | Unreviewed | CVE-2019-5035 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop
Critical | CVE-2012-4449 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical | Unreviewed | CVE-2022-31230 was published Jun 29, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical | Unreviewed | CVE-2014-8687 was published May 17, 2022

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a...
Critical | Unreviewed | CVE-2017-9466 was published May 17, 2022

Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain...
Critical | Unreviewed | CVE-2022-34632 was published Jul 19, 2022

Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,...
Critical | Unreviewed | CVE-2020-14517 was published May 24, 2022

Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)...
Critical | Unreviewed | CVE-2021-22738 was published May 24, 2022

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification...
Critical | Unreviewed | CVE-2021-20305 was published May 24, 2022

In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call...
Critical | Unreviewed | CVE-2019-25052 was published May 24, 2022

Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and...
Critical | Unreviewed | CVE-2020-36363 was published May 24, 2022

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH...
Critical | Unreviewed | CVE-2021-36298 was published May 24, 2022

An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using...
Critical | Unreviewed | CVE-2019-5723 was published May 13, 2022

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio...
Critical | Unreviewed | CVE-2019-9483 was published May 13, 2022

VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server...
Critical | Unreviewed | CVE-2017-4917 was published May 13, 2022

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which...
Critical | Unreviewed | CVE-2016-6602 was published May 14, 2022

An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters...
Critical | Unreviewed | CVE-2017-17878 was published May 14, 2022

Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded...
Critical | Unreviewed | CVE-2017-17717 was published May 14, 2022

The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies...
Critical | Unreviewed | CVE-2021-31562 was published Jan 22, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client...
Critical | Unreviewed | CVE-2014-9969 was published May 17, 2022

Algorithms compute incorrect results in blake2
Critical | CVE-2019-16143 was published for blake2 (Rust) Aug 25, 2021

Nablarch Incomplete Cryptography
Critical | CVE-2019-5919 was published for com.nablarch.framework:nablarch-fw-web (Maven) May 13, 2022

ProTip! Advisories are also available from the GraphQL API.