Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

445 advisories

Loading
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at... High Unreviewed
CVE-2024-51556 was published Nov 4, 2024
YesWiki Uses a Broken or Risky Cryptographic Algorithm High
CVE-2024-51478 was published for yeswiki/yeswiki (Composer) Oct 31, 2024
Nishacid
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as... Moderate Unreviewed
CVE-2024-10128 was published Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a... Moderate Unreviewed
CVE-2024-48016 was published Oct 18, 2024
Portainer improperly uses an encryption algorithm in the AesEncrypt function High
CVE-2024-33662 was published for github.com/portainer/portainer (Go) Oct 2, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication... High Unreviewed
CVE-2024-8452 was published Sep 30, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky... High Unreviewed
CVE-2024-39583 was published Sep 10, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected... Moderate Unreviewed
CVE-2024-37068 was published Sep 7, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected... Moderate Unreviewed
CVE-2024-39745 was published Aug 22, 2024
Gorush uses deprecated TLS versions Moderate
CVE-2024-41270 was published for github.com/appleboy/gorush (Go) Aug 6, 2024
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm... Moderate Unreviewed
CVE-2024-28972 was published Aug 1, 2024
Beego privilege escalation vulnerability High
CVE-2024-40465 was published for github.com/beego/beego/v2 (Go) Jul 31, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected... Moderate Unreviewed
CVE-2024-39731 was published Jul 15, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-30098 was published Jul 9, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be... Moderate Unreviewed
CVE-2023-41927 was published Jul 2, 2024
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic... Moderate Unreviewed
CVE-2023-41928 was published Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky... Moderate Unreviewed
CVE-2024-32852 was published Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected... Moderate Unreviewed
CVE-2023-38371 was published Jun 27, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an... Moderate Unreviewed
CVE-2024-29175 was published Jun 26, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med... Moderate Unreviewed
CVE-2024-3264 was published Jun 24, 2024
TVS Motor Company Limited TVS Connect Android v4.6.0 and IOS v5.0.0 was discovered to insecurely... High Unreviewed
CVE-2024-35537 was published Jun 21, 2024
There is a possible escalation of privilege due to improperly used crypto. This could lead to... Critical Unreviewed
CVE-2024-32911 was published Jun 13, 2024
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5559 was published Jun 12, 2024
Authlib has algorithm confusion with asymmetric public keys High
CVE-2024-37568 was published for authlib (pip) Jun 9, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm... Unknown Unreviewed
CVE-2024-20070 was published Jun 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database