GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
21 advisories
Filter by severity
paillier-zk has ambiguous challenge derivation
Low
GHSA-fpr5-jp2j-4q2f
was published
for
paillier-zk
(Rust)
Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation
Low
GHSA-rm66-9gh4-4gp8
was published
for
cggmp21
(Rust)
Nov 12, 2024
cggmp21-keygen has ambiguous challenge derivation
Low
GHSA-7jjx-3qw9-j6h6
was published
for
cggmp21-keygen
(Rust)
Nov 12, 2024
github.com/bincyber/go-sqlcrypter vulnerable to IV collision
Low
GHSA-2j6r-9vv4-6gf5
was published
for
github.com/bincyber/go-sqlcrypter
(Go)
May 20, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37396
was published
Apr 19, 2024
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An...
Low
Unreviewed
CVE-2024-22458
was published
Mar 1, 2024
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as...
Low
Unreviewed
CVE-2023-2900
was published
May 25, 2023
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the...
Low
Unreviewed
CVE-2020-14264
was published
May 24, 2022
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated...
Low
Unreviewed
CVE-2021-34688
was published
May 24, 2022
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
Low
Unreviewed
CVE-2020-23250
was published
May 24, 2022
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect...
Low
Unreviewed
CVE-2020-13132
was published
May 24, 2022
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the...
Low
Unreviewed
CVE-2020-13135
was published
May 24, 2022
A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e...
Low
Unreviewed
CVE-2019-5106
was published
May 24, 2022
A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR...
Low
Unreviewed
CVE-2019-18340
was published
May 24, 2022
Use of a weak cryptographic algorithm in Gradle
Low
CVE-2019-16370
was published
for
org.gradle:gradle-core
(Maven)
May 24, 2022
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local...
Low
Unreviewed
CVE-2008-3775
was published
May 2, 2022
In-band key negotiation issue in AWS S3 Crypto SDK for golang
Low
CVE-2020-8912
was published
for
github.com/aws/aws-sdk-go
(Go)
Feb 11, 2022
Use of Sha-1 in tusdotnet
Low
CVE-2021-44150
was published
for
tusdotnet
(NuGet)
Nov 29, 2021
•
withdrawn
Use of a Broken or Risky Cryptographic Algorithm
Low
CVE-2021-27913
was published
for
mautic/core
(Composer)
Sep 1, 2021
Password Hashing: Do not use MD5
Low
CVE-2020-5229
was published
for
org.opencastproject:opencast-common-jpa-impl
(Maven)
Jan 30, 2020
ProTip!
Advisories are also available from the
GraphQL API