GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
459 advisories
Filter by severity
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C...
Moderate
Unreviewed
CVE-2013-2213
was published
May 5, 2022
Incorrect MAC key used in the RC4-MD5 ciphersuite
Moderate
CVE-2022-1434
was published
for
openssl-src
(Rust)
May 4, 2022
The default configuration of the Wi-Fi component on the Huawei D100 does not use encryption,...
Moderate
Unreviewed
CVE-2009-2273
was published
May 2, 2022
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local...
Low
Unreviewed
CVE-2008-3775
was published
May 2, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5...
Moderate
Unreviewed
CVE-2008-3188
was published
May 1, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate
Unreviewed
CVE-2007-6755
was published
May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,...
Moderate
Unreviewed
CVE-2007-6013
was published
May 1, 2022
Microsoft ActiveSync 4.1, as used in Windows Mobile 5.0, uses weak encryption (XOR obfuscation...
High
Unreviewed
CVE-2007-5460
was published
May 1, 2022
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak...
High
Unreviewed
CVE-2007-4150
was published
May 1, 2022
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the...
Moderate
Unreviewed
CVE-2005-4860
was published
May 1, 2022
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead...
Moderate
Unreviewed
CVE-2005-2946
was published
May 1, 2022
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,...
Moderate
Unreviewed
CVE-2002-2058
was published
Apr 30, 2022
Information from SSL-encrypted sessions via PKCS #1.
Moderate
Unreviewed
CVE-1999-0007
was published
Apr 30, 2022
IBM UrbanCode Deploy (UCD) 7.1.1.2 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-39082
was published
Apr 30, 2022
Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.
High
Unreviewed
CVE-2012-5623
was published
Apr 23, 2022
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J
Moderate
CVE-2011-2487
was published
for
org.apache.ws.security:wss4j
(Maven)
Apr 22, 2022
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG)...
Moderate
Unreviewed
CVE-2022-20805
was published
Apr 22, 2022
The Bulletproofs 2017/1066 paper mishandles Fiat-Shamir generation because the hash computation...
High
Unreviewed
CVE-2022-29566
was published
Apr 22, 2022
IBM Security Guardium 10.5 and 11.3 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2021-39076
was published
Apr 20, 2022
Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm...
High
Unreviewed
CVE-2022-22559
was published
Apr 13, 2022
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. A remote...
Critical
Unreviewed
CVE-2022-26854
was published
Apr 9, 2022
A use of a broken or risky cryptographic algorithm vulnerability [CWE-327] in the Dynamic Tunnel...
Moderate
Unreviewed
CVE-2021-32593
was published
Apr 7, 2022
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and...
High
Unreviewed
CVE-2021-33018
was published
Apr 3, 2022
IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22327
was published
Apr 2, 2022
ProTip!
Advisories are also available from the
GraphQL API