GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
205 advisories
Filter by severity
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user...
Moderate
Unreviewed
CVE-2020-11916
was published
Nov 7, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as...
Moderate
Unreviewed
CVE-2024-10128
was published
Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a...
Moderate
Unreviewed
CVE-2024-48016
was published
Oct 18, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to...
Moderate
Unreviewed
CVE-2023-40371
was published
Aug 24, 2023
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-37068
was published
Sep 7, 2024
Kwik does not discard unused encryption keys
Moderate
CVE-2024-22588
was published
for
tech.kwik:kwik
(Maven)
May 24, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39745
was published
Aug 22, 2024
Gorush uses deprecated TLS versions
Moderate
CVE-2024-41270
was published
for
github.com/appleboy/gorush
(Go)
Aug 6, 2024
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-28972
was published
Aug 1, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39731
was published
Jul 15, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be...
Moderate
Unreviewed
CVE-2023-41927
was published
Jul 2, 2024
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic...
Moderate
Unreviewed
CVE-2023-41928
was published
Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky...
Moderate
Unreviewed
CVE-2024-32852
was published
Jul 2, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240
was published
Feb 4, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected...
Moderate
Unreviewed
CVE-2023-38371
was published
Jun 27, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an...
Moderate
Unreviewed
CVE-2024-29175
was published
Jun 26, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Moderate
CVE-2022-23540
was published
for
jsonwebtoken
(npm)
Dec 22, 2022
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could
cause...
Moderate
Unreviewed
CVE-2024-5559
was published
Jun 12, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a...
Moderate
Unreviewed
CVE-2024-4563
was published
May 22, 2024
ProTip!
Advisories are also available from the
GraphQL API