GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
437 advisories
Filter by severity
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to...
Moderate
Unreviewed
CVE-2023-40371
was published
Aug 24, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Low
Unreviewed
CVE-2023-37396
was published
Apr 19, 2024
Elixir can leak information due to weak use of crypto
High
CVE-2012-2146
was published
for
Elixir
(pip)
May 17, 2022
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky...
High
Unreviewed
CVE-2024-39583
was published
Sep 10, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-37068
was published
Sep 7, 2024
There is a possible escalation of privilege due to improperly used crypto. This could lead to...
Critical
Unreviewed
CVE-2024-32911
was published
Jun 13, 2024
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
High
CVE-2023-34758
was published
for
github.com/bishopfox/sliver
(Go)
Jun 21, 2023
Use of a Broken or Risky Cryptographic Algorithm in Terraform
High
CVE-2019-19316
was published
for
github.com/hashicorp/terraform
(Go)
May 18, 2021
Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation...
Critical
Unreviewed
CVE-2024-0323
was published
Feb 5, 2024
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
Security issues in AWS KMS and AWS Encryption SDKs: in-band protocol negotiation and robustness
High
CVE-2020-8897
was published
for
aws-encryption-sdk
(Maven)
Oct 12, 2021
python-jose algorithm confusion with OpenSSH ECDSA keys
High
CVE-2024-33663
was published
for
python-jose
(pip)
Apr 26, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash...
High
Unreviewed
CVE-2024-4765
was published
May 14, 2024
Kwik does not discard unused encryption keys
Moderate
CVE-2024-22588
was published
for
tech.kwik:kwik
(Maven)
May 24, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39745
was published
Aug 22, 2024
Authlib has algorithm confusion with asymmetric public keys
High
CVE-2024-37568
was published
for
authlib
(pip)
Jun 9, 2024
Gorush uses deprecated TLS versions
Moderate
CVE-2024-41270
was published
for
github.com/appleboy/gorush
(Go)
Aug 6, 2024
Beego privilege escalation vulnerability
High
CVE-2024-40465
was published
for
github.com/beego/beego/v2
(Go)
Jul 31, 2024
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-28972
was published
Aug 1, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39731
was published
Jul 15, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-30098
was published
Jul 9, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be...
Moderate
Unreviewed
CVE-2023-41927
was published
Jul 2, 2024
ProTip!
Advisories are also available from the
GraphQL API