GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
PHP Censor uses a weak hashing algorithm for the remember me key
Moderate
CVE-2024-34914
was published
for
php-censor/php-censor
(Composer)
May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky...
Moderate
Unreviewed
CVE-2024-25968
was published
May 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4874
was published
May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2023-40696
was published
May 3, 2024
Windows Authentication Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-29056
was published
Apr 9, 2024
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for...
Moderate
Unreviewed
CVE-2023-50313
was published
Apr 2, 2024
Withdrawn: JJWT improperly generates signing keys
Moderate
CVE-2024-31033
was published
for
io.jsonwebtoken:jjwt-impl
(Maven)
Apr 1, 2024
•
withdrawn
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic...
Moderate
Unreviewed
CVE-2024-25963
was published
Mar 28, 2024
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits...
Moderate
Unreviewed
CVE-2024-28834
was published
Mar 21, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate
Unreviewed
CVE-2024-27255
was published
Mar 3, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than...
Moderate
Unreviewed
CVE-2023-50312
was published
Mar 1, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34309
was published
Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34310
was published
Feb 12, 2024
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,...
Moderate
Unreviewed
CVE-2024-22361
was published
Feb 10, 2024
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable...
Moderate
Unreviewed
CVE-2024-22318
was published
Feb 9, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240
was published
Feb 4, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50937
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50939
was published
Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker...
Moderate
Unreviewed
CVE-2024-1040
was published
Feb 2, 2024
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential
Moderate
CVE-2024-21670
was published
for
anoncreds-clsignatures
(Rust)
Jan 16, 2024
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders
Moderate
CVE-2024-22192
was published
for
anoncreds-clsignatures
(Rust)
Jan 16, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated...
Moderate
Unreviewed
CVE-2023-28053
was published
Dec 22, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2022-43843
was published
Dec 14, 2023
ProTip!
Advisories are also available from the
GraphQL API