Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively... Moderate Unreviewed
CVE-2022-24403 was published Dec 5, 2023
Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software,... Moderate Unreviewed
CVE-2021-27795 was published Dec 6, 2023
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to... Moderate Unreviewed
CVE-2023-26024 was published Dec 1, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2022-43843 was published Dec 14, 2023
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka ... Moderate Unreviewed
CVE-2020-1596 was published May 24, 2022
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential Moderate
CVE-2024-21670 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders Moderate
CVE-2024-22192 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2023-50939 was published Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2023-50937 was published Feb 2, 2024
Laravel Framework XSS in Blade templating engine Moderate
CVE-2021-43808 was published for illuminate/view (Composer) Dec 8, 2021
chinpei215
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker... Moderate Unreviewed
CVE-2024-1040 was published Feb 2, 2024
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,... Moderate Unreviewed
CVE-2024-22361 was published Feb 10, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34310 was published Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34309 was published Feb 12, 2024
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead... Moderate Unreviewed
CVE-2005-2946 was published May 1, 2022
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,... Moderate Unreviewed
CVE-2002-2058 was published Apr 30, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5... Moderate Unreviewed
CVE-2008-3188 was published May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,... Moderate Unreviewed
CVE-2007-6013 was published May 1, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering... Moderate Unreviewed
CVE-2022-29959 was published Aug 17, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for... Moderate Unreviewed
CVE-2022-29960 was published Jul 27, 2022
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the... Moderate Unreviewed
CVE-2005-4860 was published May 1, 2022
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm... Moderate Unreviewed
CVE-2022-30320 was published Jul 29, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic... Moderate Unreviewed
CVE-2024-25963 was published Mar 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database