GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
41 advisories
Filter by severity
Insecure Cryptography Algorithm in parsel
Critical
GHSA-wqgx-4q47-j2w5
was published
for
parsel
(npm)
Sep 4, 2020
Unauthenticated Remote Code Execution in Apache JMeter
Critical
CVE-2019-0187
was published
for
org.apache.jmeter:ApacheJMeter
(Maven)
Mar 7, 2019
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote...
Critical
Unreviewed
CVE-2022-26854
was published
Apr 9, 2022
An exploitable information disclosure vulnerability exists in the Weave PASE pairing...
Critical
Unreviewed
CVE-2019-5035
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache Hadoop
Critical
CVE-2012-4449
was published
for
org.apache.hadoop:hadoop-client
(Maven)
May 17, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A...
Critical
Unreviewed
CVE-2022-31230
was published
Jun 29, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical
Unreviewed
CVE-2014-8687
was published
May 17, 2022
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a...
Critical
Unreviewed
CVE-2017-9466
was published
May 17, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain...
Critical
Unreviewed
CVE-2022-34632
was published
Jul 19, 2022
Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected,...
Critical
Unreviewed
CVE-2020-14517
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX)...
Critical
Unreviewed
CVE-2021-22738
was published
May 24, 2022
A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification...
Critical
Unreviewed
CVE-2021-20305
was published
May 24, 2022
In Linaro OP-TEE before 3.7.0, by using inconsistent or malformed data, it is possible to call...
Critical
Unreviewed
CVE-2019-25052
was published
May 24, 2022
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and...
Critical
Unreviewed
CVE-2020-36363
was published
May 24, 2022
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH...
Critical
Unreviewed
CVE-2021-36298
was published
May 24, 2022
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using...
Critical
Unreviewed
CVE-2019-5723
was published
May 13, 2022
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio...
Critical
Unreviewed
CVE-2019-9483
was published
May 13, 2022
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server...
Critical
Unreviewed
CVE-2017-4917
was published
May 13, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which...
Critical
Unreviewed
CVE-2016-6602
was published
May 14, 2022
An issue was discovered in Valve Steam Link build 643. Root passwords longer than 8 characters...
Critical
Unreviewed
CVE-2017-17878
was published
May 14, 2022
Sonatype Nexus Repository Manager through 2.14.5 has weak password encryption with a hardcoded...
Critical
Unreviewed
CVE-2017-17717
was published
May 14, 2022
The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 has serious deficiencies...
Critical
Unreviewed
CVE-2021-31562
was published
Jan 22, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client...
Critical
Unreviewed
CVE-2014-9969
was published
May 17, 2022
Algorithms compute incorrect results in blake2
Critical
CVE-2019-16143
was published
for
blake2
(Rust)
Aug 25, 2021
Nablarch Incomplete Cryptography
Critical
CVE-2019-5919
was published
for
com.nablarch.framework:nablarch-fw-web
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API