GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Inadequate Encryption Strength in Jenkins
Moderate
CVE-2017-2598
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Inadequate Encryption Strength in showdoc
Moderate
CVE-2021-3680
was published
for
showdoc/showdoc
(Composer)
Sep 1, 2021
Hash collision in typelevel jawn
Moderate
CVE-2022-21653
was published
for
org.typelevel:jawn-parser
(Maven)
Jan 6, 2022
Inadequate Encryption Strength in Apache CXF
Moderate
CVE-2012-5575
was published
for
org.apache.cxf:cxf-rt-transports-http
(Maven)
May 13, 2022
AWS S3 Crypto SDK sends an unencrypted hash of the plaintext alongside the ciphertext as a metadata field
Moderate
CVE-2022-2582
was published
for
github.com/aws/aws-sdk-go
(Go)
Dec 28, 2022
Use of a Broken or Risky Cryptographic Algorithm in XWiki Crypto API
Moderate
CVE-2022-29161
was published
for
org.xwiki.platform:xwiki-platform-crypto
(Maven)
May 24, 2022
Dgraph Audit Log Encryption Vulnerability
Moderate
CVE-2023-31135
was published
for
github.com/dgraph-io/dgraph
(Go)
May 17, 2023
TYPO3 is vulnerable to insecure randomness during hash generation in forgot password function
Moderate
CVE-2010-3670
was published
for
typo3/cms-frontend
(Composer)
Apr 21, 2022
SimpleSAMLphp Incorrect IV generation for encryption
Moderate
CVE-2017-12871
was published
for
simplesamlphp/simplesamlphp
(Composer)
May 17, 2022
Weak encryption in Ninja Core
Moderate
CVE-2024-36823
was published
for
org.ninjaframework:ninja-core
(Maven)
Jun 7, 2024
Beaker Sensitive Information Disclosure vulnerability
Moderate
CVE-2012-3458
was published
for
beaker
(pip)
May 17, 2022
Apache Answer: Avatar URL leaked user email addresses
Moderate
CVE-2024-40761
was published
for
github.com/apache/incubator-answer
(Go)
Sep 25, 2024
mycli has Inadequate Encryption Strength
Moderate
CVE-2023-44690
was published
for
mycli
(pip)
Oct 20, 2023
ProTip!
Advisories are also available from the
GraphQL API