Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
Reversible One-Way Hash in io.github.javaezlib:JavaEZ High
CVE-2022-29249 was published for io.github.javaezlib:JavaEZ (Maven) May 25, 2022
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could... High Unreviewed
CVE-2019-14852 was published May 24, 2022
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP... High Unreviewed
CVE-2020-28396 was published May 24, 2022
Key confusion through non-blocklisted public key formats High
CVE-2022-29217 was published for pyjwt (pip) May 24, 2022
aapooksman
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 uses weaker than... High Unreviewed
CVE-2021-29894 was published May 24, 2022
Vulnerability in the generation of session IDs in revive-adserver < 5.3.0, based on the... High Unreviewed
CVE-2021-22948 was published May 24, 2022
IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected cryptographic algorithms that could allow... High Unreviewed
CVE-2021-29750 was published May 24, 2022
Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of service (multiple-minute... High Unreviewed
CVE-2021-33582 was published May 24, 2022
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected... High Unreviewed
CVE-2021-29723 was published May 24, 2022
IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected... High Unreviewed
CVE-2021-29722 was published May 24, 2022
IBM Security SOAR uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2021-29704 was published May 24, 2022
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported... High Unreviewed
CVE-2021-2351 was published May 24, 2022
The combination of various cryptographic issues in the session management of FortiMail 6.4.0... High Unreviewed
CVE-2021-26095 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2021-20497 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker than expected cryptographic... High Unreviewed
CVE-2021-20379 was published May 24, 2022
IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20566 was published May 24, 2022
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate... High Unreviewed
CVE-2021-22212 was published May 24, 2022
An insufficiently protected credentials issue was discovered in Intland codeBeamer ALM 10.x... High Unreviewed
CVE-2020-26515 was published May 24, 2022
IBM Security Guardium 11.2 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2021-20419 was published May 24, 2022
A vulnerability has been found in multiple revisions of Emerson Rosemount X-STREAM Gas Analyzer.... High Unreviewed
CVE-2021-27457 was published May 24, 2022
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in... High Unreviewed
CVE-2021-22309 was published May 24, 2022
IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2020-4831 was published May 24, 2022
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2... High Unreviewed
CVE-2020-35221 was published May 24, 2022
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is... High Unreviewed
CVE-2021-23839 was published May 24, 2022
steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to... High Unreviewed
CVE-2021-27211 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database