GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,459

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

412 advisories

Filter by severity

Sort by

Least recently updated

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through... Moderate Unreviewed

CVE-2020-16235 was published May 20, 2022

DES cipher, which has inadequate encryption strength, is used Hitachi Energy FOXMAN-UN to encrypt... Moderate Unreviewed

CVE-2021-40341 was published Jan 6, 2023

The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed

CVE-2021-42949 was published Sep 17, 2022

The user and password data base is exposed by an unprotected web server resource. Passwords are... High Unreviewed

CVE-2021-23855 was published May 24, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8086 was published May 17, 2022

Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software... Moderate Unreviewed

CVE-2015-8085 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed

CVE-2020-10919 was published May 24, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. The issue... Moderate Unreviewed

CVE-2016-4685 was published May 17, 2022

IBM AppScan Source uses a one-way hash without salt to encrypt highly sensitive information,... Moderate Unreviewed

CVE-2016-3034 was published May 17, 2022

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and... High Unreviewed

CVE-2016-10102 was published May 17, 2022

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the... Moderate Unreviewed

CVE-2022-34826 was published Jul 16, 2022

On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is... Critical Unreviewed

CVE-2017-8076 was published May 17, 2022

IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a... High Unreviewed

CVE-2016-2879 was published May 17, 2022

OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK. High Unreviewed

CVE-2016-5056 was published May 17, 2022

An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently... High Unreviewed

CVE-2017-5999 was published May 17, 2022

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that... High Unreviewed

CVE-2022-22453 was published Jul 15, 2022

Due to a lack of standard encryption when transmitting sensitive information over the internet to... High Unreviewed

CVE-2017-5239 was published May 17, 2022

The Mxit protocol uses weak encryption when encrypting user passwords, which might allow... High Unreviewed

CVE-2016-2379 was published May 17, 2022

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the... Moderate Unreviewed

CVE-2016-10104 was published May 17, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue... High Unreviewed

CVE-2017-2380 was published May 17, 2022

A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix... Critical Unreviewed

CVE-2017-7903 was published May 17, 2022

PGP/MIME encrypted messages injected into a Vaultive O365 (before 4.5.21) frontend via IMAP or... Critical Unreviewed

CVE-2017-7229 was published May 17, 2022

IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure... High Unreviewed

CVE-2017-1319 was published May 17, 2022

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than... High Unreviewed

CVE-2022-22464 was published Jul 9, 2022

IBM BigFix Compliance Analytics 1.9.79 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2017-1179 was published May 17, 2022

Previous 1 2 … 13 14 15 16 17 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

412 advisories