GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,726
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,003
Maven 5,192
npm 3,714
NuGet 661
pip 3,387
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,543

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

381 advisories

Filter by severity

Sort by

Least recently updated

Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure... Moderate Unreviewed

CVE-2022-30683 was published Sep 17, 2022

The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which... High Unreviewed

CVE-2022-2083 was published Sep 6, 2022

All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs and XG5000 PLC programming... Moderate Unreviewed

CVE-2022-2758 was published Sep 1, 2022

Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which... Critical Unreviewed

CVE-2022-36555 was published Aug 30, 2022

Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an... High Unreviewed

CVE-2022-21139 was published Aug 19, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed

CVE-2022-37400 was published Aug 16, 2022

Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed

CVE-2022-37401 was published Aug 16, 2022

On specific devices, there is a possible bypass of configuration integrity due to improperly used... High Unreviewed

CVE-2022-20374 was published Aug 12, 2022

LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed

CVE-2022-26306 was published Jul 26, 2022

LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed

CVE-2022-26307 was published Jul 26, 2022

In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the... Moderate Unreviewed

CVE-2022-34826 was published Jul 16, 2022

A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0... Moderate Unreviewed

CVE-2022-32222 was published Jul 15, 2022

IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that... High Unreviewed

CVE-2022-22453 was published Jul 15, 2022

IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than... High Unreviewed

CVE-2022-22464 was published Jul 9, 2022

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control... Moderate Unreviewed

CVE-2015-5361 was published May 24, 2022

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a... High Unreviewed

CVE-2020-4778 was published May 24, 2022

Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... High Unreviewed

CVE-2019-13539 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2019-4339 was published May 24, 2022

The Print Service is susceptible to man in the middle attacks due to improperly used crypto. This... Moderate Unreviewed

CVE-2019-9399 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that... High Unreviewed

CVE-2019-4256 was published May 24, 2022

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic... High Unreviewed

CVE-2021-38891 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash... High Unreviewed

CVE-2021-38979 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed

CVE-2021-38984 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses weaker than expected cryptographic... High Unreviewed

CVE-2021-38983 was published May 24, 2022

An information disclosure vulnerability was reported in some Motorola-branded Binatone Hubble... Moderate Unreviewed

CVE-2021-3789 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

381 advisories