GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
212 advisories
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.
Moderate, Unreviewed, CVE-2021-25761 was published May 24, 2022
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.
Moderate, Unreviewed, CVE-2021-25763 was published May 24, 2022
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote...
Moderate, Unreviewed, CVE-2020-29536 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 uses weaker than expected cryptographic...
Moderate, Unreviewed, CVE-2020-4968 was published May 24, 2022
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications...
Moderate, Unreviewed, CVE-2020-20950 was published May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server...
Moderate, Unreviewed, CVE-2020-7339 was published May 24, 2022
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms...
Moderate, Unreviewed, CVE-2020-4624 was published May 24, 2022
Untangle Firewall NG before 16.0 uses MD5 for passwords.
Moderate, Unreviewed, CVE-2020-17494 was published May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate, Unreviewed, CVE-2020-5943 was published May 24, 2022
During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time...
Moderate, Unreviewed, CVE-2020-12401 was published May 24, 2022
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of...
Moderate, Unreviewed, CVE-2020-24619 was published May 24, 2022
An information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ...
Moderate, Unreviewed, CVE-2020-1596 was published May 24, 2022
During RSA key generation, bignum implementations used a variation of the Binary Extended...
Moderate, Unreviewed, CVE-2020-12402 was published May 24, 2022
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 ...
Moderate, Unreviewed, CVE-2020-7511 was published May 24, 2022
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of...
Moderate, Unreviewed, CVE-2020-13777 was published May 24, 2022
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate, Unreviewed, CVE-2020-11876 was published May 24, 2022
An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that...
Moderate, Unreviewed, CVE-2020-10932 was published May 24, 2022
wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing...
Moderate, Unreviewed, CVE-2020-11713 was published May 24, 2022
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and...
Moderate, Unreviewed, CVE-2020-10601 was published May 24, 2022
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is...
Moderate, Unreviewed, CVE-2020-11501 was published May 24, 2022
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file...
Moderate, Unreviewed, CVE-2020-10560 was published May 24, 2022
python-apt Flawed Package Integrity Check
Moderate, CVE-2019-15795 was published for python-apt (pip) May 24, 2022
openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than...
Moderate, Unreviewed, CVE-2020-10788 was published May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Moderate, Unreviewed, CVE-2019-19299 was published May 24, 2022
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak...
Moderate, Unreviewed, CVE-2019-19397 was published May 24, 2022