Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26306 was published Jul 26, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26307 was published Jul 26, 2022
Weak Cryptography in PHP-Proxy High
CVE-2018-19784 was published for athlon1600/php-proxy (Composer) May 13, 2022
The Simple JWT Login WordPress plugin before 3.3.0 can be used to create new WordPress user... High Unreviewed
CVE-2021-24998 was published Dec 28, 2021
OpenSSL gem for Ruby using inadequate encryption strength High
CVE-2016-7798 was published for openssl (RubyGems) Oct 24, 2017
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517,... High Unreviewed
CVE-2021-26726 was published Feb 17, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco... High Unreviewed
CVE-2022-20677 was published Apr 16, 2022
An improper access control vulnerability exists prior to v6 that could allow an attacker to break... High Unreviewed
CVE-2023-23911 was published Mar 11, 2023
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed
CVE-2022-43460 was published Feb 13, 2023
Improper cryptographic implementation in Samsung Flow for Android prior to version 4.9.04 allows... High Unreviewed
CVE-2023-21443 was published Feb 9, 2023
Improper cryptographic implementation in Samsung Flow for PC 4.9.14.0 allows adjacent attackers... High Unreviewed
CVE-2023-21444 was published Feb 9, 2023
IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2019-4256 was published May 24, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may... High Unreviewed
CVE-2020-14481 was published Feb 25, 2022
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4... High Unreviewed
CVE-2020-10636 was published Feb 25, 2022
A CWE-326: Inadequate Encryption Strength vulnerability exists that could cause non-encrypted... High Unreviewed
CVE-2022-24318 was published Feb 11, 2022
Dell Wyse Management Suite version 3.3.1 and prior support insecure Transport Security Protocols... High Unreviewed
CVE-2021-36337 was published Dec 22, 2021
WordPress through 4.8.2 uses a weak MD5-based password hashing algorithm, which makes it easier... High Unreviewed
CVE-2012-6707 was published May 17, 2022
IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected... High Unreviewed
CVE-2017-1375 was published May 17, 2022
Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows... High Unreviewed
CVE-2017-14797 was published May 17, 2022
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600... High Unreviewed
CVE-2017-8174 was published May 17, 2022
IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows... High Unreviewed
CVE-2017-1271 was published May 17, 2022
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no... High Unreviewed
CVE-2017-17436 was published May 14, 2022
In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) application 5.0.0 for Android,... High Unreviewed
CVE-2018-5298 was published May 14, 2022
IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores... High Unreviewed
CVE-2017-1701 was published May 14, 2022
IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected... High Unreviewed
CVE-2017-1255 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API