GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,144
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,760
NuGet 678
pip 3,446
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,578

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

380 advisories

Filter by severity

Sort by

Least recently updated

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than... Moderate Unreviewed

CVE-2024-22347 was published Jan 20, 2025

A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used... High Unreviewed

CVE-2024-8603 was published Jan 15, 2025

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed

CVE-2022-46140 was published Dec 13, 2022

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to... Moderate Unreviewed

CVE-2024-52366 was published Jan 7, 2025

IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected... Moderate Unreviewed

CVE-2024-41763 was published Jan 4, 2025

Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm High Unreviewed

CVE-2024-47921 was published Dec 30, 2024

Weak algorithm used to sign RPM package. The following products are affected: Acronis Cyber... Low Unreviewed

CVE-2024-55539 was published Dec 23, 2024

Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic... Moderate Unreviewed

CVE-2024-28980 was published Dec 13, 2024

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed

CVE-2023-37395 was published Dec 11, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2024-41775 was published Dec 3, 2024

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed

CVE-2023-40660 was published Nov 6, 2023

A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits... Moderate Unreviewed

CVE-2024-28834 was published Mar 21, 2024

In modem, there is a possible information disclosure due to using risky cryptographic algorithm... Moderate Unreviewed

CVE-2024-20070 was published Jun 3, 2024

IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed

CVE-2024-43189 was published Nov 15, 2024

This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at... High Unreviewed

CVE-2024-51556 was published Nov 4, 2024

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user... Moderate Unreviewed

CVE-2020-11916 was published Nov 7, 2024

A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware... Moderate Unreviewed

CVE-2023-5962 was published Dec 23, 2023

A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as... Moderate Unreviewed

CVE-2024-10128 was published Oct 18, 2024

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a... Moderate Unreviewed

CVE-2024-48016 was published Oct 18, 2024

The authentication cookies are generated using an algorithm based on the username, hardcoded... High Unreviewed

CVE-2023-49259 was published Jan 12, 2024

Certain switch models from PLANET Technology only support obsolete algorithms for authentication... High Unreviewed

CVE-2024-8452 was published Sep 30, 2024

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed

CVE-2023-51392 was published Feb 23, 2024

SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and... Moderate Unreviewed

CVE-2023-37484 was published Aug 8, 2023

Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed

CVE-2023-4327 was published Aug 15, 2023

A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By... High Unreviewed

CVE-2023-3350 was published Oct 3, 2023

Previous 1 2 3 4 5 … 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

380 advisories