Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

425 advisories

Loading
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component... Moderate Unreviewed
CVE-2021-41061 was published May 24, 2022
The user identification mechanism used by CyberArk Credential Provider prior to 12.1 is... Moderate Unreviewed
CVE-2021-31797 was published May 24, 2022
An inadequate encryption vulnerability discovered in CyberArk Credential Provider before 12.1 may... High Unreviewed
CVE-2021-31796 was published May 24, 2022
The effective key space used to encrypt the cache in CyberArk Credential Provider prior to 12.1... Moderate Unreviewed
CVE-2021-31798 was published May 24, 2022
Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed
CVE-2021-39272 was published May 24, 2022
In SapphireIMS 4097_1, the password in the database is stored in Base64 format. High Unreviewed
CVE-2017-16632 was published May 24, 2022
In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment... Moderate Unreviewed
CVE-2021-37540 was published May 24, 2022
In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed
CVE-2021-37546 was published May 24, 2022
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed
CVE-2021-37551 was published May 24, 2022
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net:... High Unreviewed
CVE-2021-32066 was published May 24, 2022
In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data. Moderate Unreviewed
CVE-2021-37588 was published May 24, 2022
In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed
CVE-2021-37587 was published May 24, 2022
IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected... High Unreviewed
CVE-2021-20337 was published May 24, 2022
A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS,... Moderate Unreviewed
CVE-2021-36769 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2021-20360 was published May 24, 2022
IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed
CVE-2021-20369 was published May 24, 2022
IBM Tivoli Netcool/Impact 7.1.0.20 and 7.1.0.21 uses an insecure SSH server configuration which... High Unreviewed
CVE-2021-29794 was published May 24, 2022
A missing cryptographic step in the implementation of the hash digest algorithm in FortiMail 6.4... Critical Unreviewed
CVE-2021-24020 was published May 24, 2022
Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C library, which makes it... High Unreviewed
CVE-2021-34430 was published May 24, 2022
SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed
CVE-2021-32496 was published May 24, 2022
Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed
CVE-2021-31615 was published May 24, 2022
Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed
CVE-2021-25392 was published May 24, 2022
Example EDK2 encrypted private key in the IpSecDxe.efi present potential security risks. High Unreviewed
CVE-2021-28213 was published May 24, 2022
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic... Critical Unreviewed
CVE-2021-27200 was published May 24, 2022
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0... High Unreviewed
CVE-2020-15387 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database