GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
180 advisories
Filter by severity
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
YesWiki Uses a Broken or Risky Cryptographic Algorithm
High
CVE-2024-51478
was published
for
yeswiki/yeswiki
(Composer)
Oct 31, 2024
Portainer improperly uses an encryption algorithm in the AesEncrypt function
High
CVE-2024-33662
was published
for
github.com/portainer/portainer
(Go)
Oct 2, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky...
High
Unreviewed
CVE-2024-39583
was published
Sep 10, 2024
Beego privilege escalation vulnerability
High
CVE-2024-40465
was published
for
github.com/beego/beego/v2
(Go)
Jul 31, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-30098
was published
Jul 9, 2024
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely...
High
Unreviewed
CVE-2024-35537
was published
Jun 21, 2024
Authlib has algorithm confusion with asymmetric public keys
High
CVE-2024-37568
was published
for
authlib
(pip)
Jun 9, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash...
High
Unreviewed
CVE-2024-4765
was published
May 14, 2024
python-jose algorithm confusion with OpenSSH ECDSA keys
High
CVE-2024-33663
was published
for
python-jose
(pip)
Apr 26, 2024
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic...
High
Unreviewed
CVE-2024-22463
was published
Mar 4, 2024
Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.
High
CVE-2023-51838
was published
for
meshcentral
(npm)
Feb 2, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,...
High
Unreviewed
CVE-2023-50350
was published
Jan 3, 2024
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not...
High
Unreviewed
CVE-2021-46900
was published
Dec 31, 2023
jose4j uses weak cryptographic algorithm
High
CVE-2023-31582
was published
for
org.bitbucket.b_c:jose4j
(Maven)
Oct 25, 2023
free5GC udm vulnerable to Invalid Curve Attack
High
CVE-2023-46324
was published
for
github.com/free5gc/udm
(Go)
Oct 23, 2023
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2023-30994
was published
Oct 14, 2023
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2022-33160
was published
Oct 7, 2023
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By...
High
Unreviewed
CVE-2023-3350
was published
Oct 3, 2023
Vault Key Sealed With SHA1 PCRs
The measured boot solution implemented in EVE OS leans on...
High
Unreviewed
CVE-2023-43635
was published
Sep 20, 2023
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2023-38730
was published
Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4331
was published
Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4326
was published
Aug 15, 2023
ProTip!
Advisories are also available from the
GraphQL API