Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

149 advisories

Loading
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at... High Unreviewed
CVE-2024-51556 was published Nov 4, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication... High Unreviewed
CVE-2024-8452 was published Sep 30, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky... High Unreviewed
CVE-2024-39583 was published Sep 10, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-30098 was published Jul 9, 2024
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely... High Unreviewed
CVE-2024-35537 was published Jun 21, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash... High Unreviewed
CVE-2024-4765 was published May 14, 2024
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic... High Unreviewed
CVE-2024-22463 was published Mar 4, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded... High Unreviewed
CVE-2023-49259 was published Jan 12, 2024
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,... High Unreviewed
CVE-2023-50350 was published Jan 3, 2024
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not... High Unreviewed
CVE-2021-46900 was published Dec 31, 2023
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2023-30994 was published Oct 14, 2023
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2022-33160 was published Oct 7, 2023
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By... High Unreviewed
CVE-2023-3350 was published Oct 3, 2023
Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on... High Unreviewed
CVE-2023-43635 was published Sep 20, 2023
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic... High Unreviewed
CVE-2023-38730 was published Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration... High Unreviewed
CVE-2023-4331 was published Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration... High Unreviewed
CVE-2023-4326 was published Aug 15, 2023
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can... High Unreviewed
CVE-2023-23346 was published Aug 9, 2023
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can... High Unreviewed
CVE-2023-23347 was published Aug 9, 2023
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that... High Unreviewed
CVE-2021-38933 was published Jul 19, 2023
there is a possible way to bypass cryptographic assurances due to a logic error in the code. This... High Unreviewed
CVE-2023-21399 was published Jul 13, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... High Unreviewed
CVE-2023-36749 was published Jul 11, 2023
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2023-26276 was published Jun 27, 2023
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered... High Unreviewed
CVE-2023-28006 was published Jun 23, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type... High Unreviewed
CVE-2023-21115 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database