Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

179 advisories

Loading
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm. High Unreviewed
CVE-2022-37177 was published Aug 30, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database... High Unreviewed
CVE-2021-27784 was published Nov 1, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34319 was published Nov 14, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker... High Unreviewed
CVE-2022-34320 was published Nov 15, 2022
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could... High Unreviewed
CVE-2022-34361 was published Dec 6, 2022
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2022-38391 was published Dec 20, 2022
jsonwebtoken unrestricted key type could lead to legacy keys usage High
CVE-2022-23539 was published for jsonwebtoken (npm) Dec 22, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2022-22461 was published Dec 22, 2022
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected... High Unreviewed
CVE-2022-43917 was published Jan 26, 2023
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker... High Unreviewed
CVE-2022-22462 was published Jan 26, 2023
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A... High Unreviewed
CVE-2022-34444 was published Feb 11, 2023
Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7,... High Unreviewed
CVE-2022-40675 was published Feb 16, 2023
TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin... High Unreviewed
CVE-2023-23040 was published Feb 22, 2023
SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols... High Unreviewed
CVE-2023-22812 was published Mar 24, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... High Unreviewed
CVE-2023-28509 was published Mar 29, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2... High Unreviewed
CVE-2023-27557 was published Apr 28, 2023
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11... High Unreviewed
CVE-2023-30441 was published Apr 29, 2023
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2... High Unreviewed
CVE-2022-45858 was published May 4, 2023
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2022-22313 was published May 6, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm... High Unreviewed
CVE-2023-28076 was published May 16, 2023
A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1... High Unreviewed
CVE-2022-43949 was published Jun 13, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type... High Unreviewed
CVE-2023-21115 was published Jun 15, 2023
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered... High Unreviewed
CVE-2023-28006 was published Jun 23, 2023
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an... High Unreviewed
CVE-2023-26276 was published Jun 27, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM... High Unreviewed
CVE-2023-36749 was published Jul 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database