GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
214 advisories
Filter by severity
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be...
Moderate
Unreviewed
CVE-2023-41927
was published
Jul 2, 2024
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic...
Moderate
Unreviewed
CVE-2023-41928
was published
Jul 2, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240
was published
Feb 4, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected...
Moderate
Unreviewed
CVE-2023-38371
was published
Jun 27, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an...
Moderate
Unreviewed
CVE-2024-29175
was published
Jun 26, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
Moderate
CVE-2022-23540
was published
for
jsonwebtoken
(npm)
Dec 22, 2022
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could
cause...
Moderate
Unreviewed
CVE-2024-5559
was published
Jun 12, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a...
Moderate
Unreviewed
CVE-2024-4563
was published
May 22, 2024
CBC padding oracle issue in AWS S3 Crypto SDK for golang
Moderate
CVE-2020-8911
was published
for
github.com/aws/aws-sdk-go
(Go)
Feb 11, 2022
fuel/core Crypt encryption compromised.
Moderate
GHSA-fgrx-4637-fcf5
was published
for
fuel/core
(Composer)
May 15, 2024
asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption
Moderate
GHSA-87mp-xc4x-x8rh
was published
for
asymmetricrypt/asymmetricrypt
(Composer)
May 15, 2024
PHP Censor uses a weak hashing algorithm for the remember me key
Moderate
CVE-2024-34914
was published
for
php-censor/php-censor
(Composer)
May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky...
Moderate
Unreviewed
CVE-2024-25968
was published
May 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2023-40696
was published
May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4874
was published
May 3, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can...
Moderate
Unreviewed
CVE-2022-45170
was published
Apr 14, 2023
On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture...
Moderate
Unreviewed
CVE-2019-11341
was published
May 24, 2022
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated...
Moderate
Unreviewed
CVE-2023-28053
was published
Dec 22, 2023
Windows Authentication Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-29056
was published
Apr 9, 2024
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A...
Moderate
Unreviewed
CVE-2023-39252
was published
Sep 21, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused...
Moderate
Unreviewed
CVE-2023-35890
was published
Jul 7, 2023
The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure...
Moderate
Unreviewed
CVE-2023-36608
was published
Jul 3, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade...
Moderate
Unreviewed
CVE-2023-28043
was published
Jun 1, 2023
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support...
Moderate
Unreviewed
CVE-2022-40722
was published
Apr 25, 2023
ProTip!
Advisories are also available from the
GraphQL API