GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
Filter by severity
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22327
was published
Apr 2, 2022
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and...
High
Unreviewed
CVE-2021-33018
was published
Apr 3, 2022
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm...
High
Unreviewed
CVE-2022-22559
was published
Apr 13, 2022
IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-39076
was published
Apr 20, 2022
The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation...
High
Unreviewed
CVE-2022-29566
was published
Apr 22, 2022
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an...
High
Unreviewed
CVE-2021-45485
was published
Dec 26, 2021
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to...
High
Unreviewed
CVE-2021-27211
was published
May 24, 2022
BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an...
High
Unreviewed
CVE-2020-27611
was published
May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in...
High
Unreviewed
CVE-2021-22309
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of...
High
Unreviewed
CVE-2019-5163
was published
May 24, 2022
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute...
High
Unreviewed
CVE-2021-33582
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD...
High
Unreviewed
CVE-2022-24296
was published
Jun 9, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer....
High
Unreviewed
CVE-2021-27457
was published
May 24, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High
Unreviewed
CVE-2017-11133
was published
May 17, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP...
High
Unreviewed
CVE-2020-28396
was published
May 24, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server...
High
Unreviewed
CVE-2022-28622
was published
Jun 28, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade...
High
Unreviewed
CVE-2022-28370
was published
Jul 15, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4...
High
Unreviewed
CVE-2020-27653
was published
May 24, 2022
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6...
High
Unreviewed
CVE-2020-27652
was published
May 24, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker...
High
Unreviewed
CVE-2022-34319
was published
Nov 14, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker...
High
Unreviewed
CVE-2022-34320
was published
Nov 15, 2022
Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Dropbox desktop application 71...
High
Unreviewed
CVE-2019-12171
was published
May 24, 2022
Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon...
High
Unreviewed
CVE-2019-10492
was published
May 24, 2022
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to...
High
Unreviewed
CVE-2019-12621
was published
May 24, 2022
Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012.20035 and earlier versions...
High
Unreviewed
CVE-2019-8237
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API