GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
149 advisories
Filter by severity
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By...
High
Unreviewed
CVE-2023-3350
was published
Oct 3, 2023
Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository gnuboard...
High
Unreviewed
CVE-2022-1252
was published
Apr 12, 2022
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky...
High
Unreviewed
CVE-2024-39583
was published
Sep 10, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash...
High
Unreviewed
CVE-2024-4765
was published
May 14, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-30098
was published
Jul 9, 2024
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely...
High
Unreviewed
CVE-2024-35537
was published
Jun 21, 2024
OpenSSL 1.0.2 supports SSLv2. If a client attempts to negotiate SSLv2 with a server that is...
High
Unreviewed
CVE-2021-23839
was published
May 24, 2022
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low...
High
Unreviewed
CVE-2019-9506
was published
May 24, 2022
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2023-26276
was published
Jun 27, 2023
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2023-30994
was published
Oct 14, 2023
IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2022-33160
was published
Oct 7, 2023
Vault Key Sealed With SHA1 PCRs
The measured boot solution implemented in EVE OS leans on...
High
Unreviewed
CVE-2023-43635
was published
Sep 20, 2023
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2023-38730
was published
Aug 28, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4331
was published
Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4326
was published
Aug 15, 2023
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can...
High
Unreviewed
CVE-2023-23347
was published
Aug 9, 2023
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can...
High
Unreviewed
CVE-2023-23346
was published
Aug 9, 2023
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2021-38933
was published
Jul 19, 2023
there is a possible way to bypass cryptographic assurances due to a logic error in the code. This...
High
Unreviewed
CVE-2023-21399
was published
Jul 13, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM...
High
Unreviewed
CVE-2023-36749
was published
Jul 11, 2023
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered...
High
Unreviewed
CVE-2023-28006
was published
Jun 23, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type...
High
Unreviewed
CVE-2023-21115
was published
Jun 15, 2023
ProTip!
Advisories are also available from the
GraphQL API