GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
459 advisories
Filter by severity
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen...
Moderate
Unreviewed
CVE-2018-10845
was published
May 13, 2022
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen...
Moderate
Unreviewed
CVE-2018-10844
was published
May 13, 2022
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM...
Moderate
Unreviewed
CVE-2018-10846
was published
May 13, 2022
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state...
Moderate
Unreviewed
CVE-2015-2808
was published
May 13, 2022
The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container...
High
Unreviewed
CVE-2019-3818
was published
May 13, 2022
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side...
Moderate
Unreviewed
CVE-2018-0737
was published
May 13, 2022
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio...
Critical
Unreviewed
CVE-2019-9483
was published
May 13, 2022
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored...
High
Unreviewed
CVE-2019-7673
was published
May 13, 2022
On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configured with a Client SSL...
Moderate
Unreviewed
CVE-2019-6593
was published
May 13, 2022
Nablarch Incomplete Cryptography
Critical
CVE-2019-5919
was published
for
com.nablarch.framework:nablarch-fw-web
(Maven)
May 13, 2022
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using...
Critical
Unreviewed
CVE-2019-5723
was published
May 13, 2022
Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an...
Moderate
Unreviewed
CVE-2019-5754
was published
May 13, 2022
ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption...
High
Unreviewed
CVE-2019-1543
was published
May 13, 2022
An issue was discovered in Mitsubishi Electric Automation MELSEC-Q series Ethernet interface...
High
Unreviewed
CVE-2016-8370
was published
May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE...
High
Unreviewed
CVE-2015-0535
was published
May 13, 2022
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE...
High
Unreviewed
CVE-2015-0533
was published
May 13, 2022
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA...
Moderate
Unreviewed
CVE-2018-11069
was published
May 13, 2022
The client in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.9 and 4.1.x before 4.1.5...
High
Unreviewed
CVE-2016-0923
was published
May 13, 2022
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a...
Moderate
Unreviewed
CVE-2018-11070
was published
May 13, 2022
Avaya one-X Communicator uses weak cryptographic algorithms in the client authentication...
Moderate
Unreviewed
CVE-2019-7006
was published
May 13, 2022
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x...
Moderate
Unreviewed
CVE-2018-11057
was published
May 13, 2022
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server...
High
Unreviewed
CVE-2017-12129
was published
May 13, 2022
In (TBD) of (TBD), there is a possible way to decrypt local data encrypted by the GSC due to...
Moderate
Unreviewed
CVE-2022-20117
was published
May 11, 2022
IBM Cloud Pak System 2.3.0 through 2.3.3.3 Interim Fix 1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2021-20479
was published
May 10, 2022
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and...
Moderate
Unreviewed
CVE-2013-1053
was published
May 5, 2022
ProTip!
Advisories are also available from the
GraphQL API