Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

415 advisories

Loading
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks High
CVE-2022-3273 was published for rdiffweb (pip) Oct 6, 2022
In affected versions of Octopus Server it was identified that the same encryption process was... Moderate Unreviewed
CVE-2022-2781 was published Oct 6, 2022
A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to... High Unreviewed
CVE-2022-40141 was published Sep 20, 2022
WD Discovery software executable files were signed with an unsafe SHA-1 hashing algorithm. An... Moderate Unreviewed
CVE-2022-29835 was published Sep 20, 2022
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed
CVE-2021-42949 was published Sep 17, 2022
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a Violation of Secure... Moderate Unreviewed
CVE-2022-30683 was published Sep 17, 2022
Blink1Control2 uses weak password encryption High
CVE-2022-35513 was published for Blink1Control2 (npm) Sep 8, 2022
The Simple Single Sign On WordPress plugin through 4.1.0 leaks its OAuth client_secret, which... High Unreviewed
CVE-2022-2083 was published Sep 6, 2022
All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs and XG5000 PLC programming... Moderate Unreviewed
CVE-2022-2758 was published Sep 1, 2022
Hytec Inter HWL-2511-SS v1.05 and below implements a SHA512crypt hash for the root account which... Critical Unreviewed
CVE-2022-36555 was published Aug 30, 2022
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an... High Unreviewed
CVE-2022-21139 was published Aug 19, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed
CVE-2022-37401 was published Aug 16, 2022
Apache OpenOffice supports the storage of passwords for web connections in the user's... High Unreviewed
CVE-2022-37400 was published Aug 16, 2022
On specific devices, there is a possible bypass of configuration integrity due to improperly used... High Unreviewed
CVE-2022-20374 was published Aug 12, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26307 was published Jul 26, 2022
LibreOffice supports the storage of passwords for web connections in the user’s configuration... High Unreviewed
CVE-2022-26306 was published Jul 26, 2022
In Couchbase Server 7.1.x before 7.1.1, an encrypted Private Key passphrase may be leaked in the... Moderate Unreviewed
CVE-2022-34826 was published Jul 16, 2022
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0... Moderate Unreviewed
CVE-2022-32222 was published Jul 15, 2022
IBM Security Verify Identity Manager 10.0 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2022-22453 was published Jul 15, 2022
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than... High Unreviewed
CVE-2022-22464 was published Jul 9, 2022
AES OCB fails to encrypt some bytes High
CVE-2022-2097 was published for openssl-src (Rust) Jul 6, 2022
another-rex
Reversible One-Way Hash in io.github.javaezlib:JavaEZ High
CVE-2022-29249 was published for io.github.javaezlib:JavaEZ (Maven) May 25, 2022
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control... Moderate Unreviewed
CVE-2015-5361 was published May 24, 2022
IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a... High Unreviewed
CVE-2020-4778 was published May 24, 2022
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... High Unreviewed
CVE-2019-13539 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database