Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34310 was published Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34309 was published Feb 12, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed
CVE-2023-51392 was published Feb 23, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits... Moderate Unreviewed
CVE-2024-28834 was published Mar 21, 2024
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic... Moderate Unreviewed
CVE-2024-25963 was published Mar 28, 2024
Withdrawn: JJWT improperly generates signing keys Moderate
CVE-2024-31033 was published for io.jsonwebtoken:jjwt-impl (Maven) Apr 1, 2024 withdrawn
ebickle
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for... Moderate Unreviewed
CVE-2023-50313 was published Apr 2, 2024
Windows Authentication Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-29056 was published Apr 9, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2023-40696 was published May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4874 was published May 3, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky... Moderate Unreviewed
CVE-2024-25968 was published May 14, 2024
PHP Censor uses a weak hashing algorithm for the remember me key Moderate
CVE-2024-34914 was published for php-censor/php-censor (Composer) May 14, 2024
asymmetricrypt/asymmetricrypt Padding Oracle Vulnerability in RSA Encryption Moderate
GHSA-87mp-xc4x-x8rh was published for asymmetricrypt/asymmetricrypt (Composer) May 15, 2024
fuel/core Crypt encryption compromised. Moderate
GHSA-fgrx-4637-fcf5 was published for fuel/core (Composer) May 15, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a... Moderate Unreviewed
CVE-2024-4563 was published May 22, 2024
Kwik does not discard unused encryption keys Moderate
CVE-2024-22588 was published for tech.kwik:kwik (Maven) May 24, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm... Moderate Unreviewed
CVE-2024-20070 was published Jun 3, 2024
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5559 was published Jun 12, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med... Moderate Unreviewed
CVE-2024-3264 was published Jun 24, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an... Moderate Unreviewed
CVE-2024-29175 was published Jun 26, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected... Moderate Unreviewed
CVE-2023-38371 was published Jun 27, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky... Moderate Unreviewed
CVE-2024-32852 was published Jul 2, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be... Moderate Unreviewed
CVE-2023-41927 was published Jul 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database