Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,608
Erlang
33
GitHub Actions
25
Go
2,221
Maven
5,000+
npm
3,893
NuGet
701
pip
3,659
Pub
12
RubyGems
913
Rust
942
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

402 advisories

Loading
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This... Low Unreviewed
CVE-2025-2920 was published Mar 28, 2025
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2024-31896 was published Mar 25, 2025
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2025-2539 was published Mar 20, 2025
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient... Moderate Unreviewed
CVE-2025-26486 was published Mar 19, 2025
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2024-45643 was published Mar 14, 2025
There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS. This vulnerability is... Moderate Unreviewed
CVE-2025-26708 was published Mar 7, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client  uses... Moderate Unreviewed
CVE-2024-28780 was published Feb 19, 2025
Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of... Moderate Unreviewed
CVE-2024-10405 was published Feb 15, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501... High Unreviewed
CVE-2024-52884 was published Feb 7, 2025
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W... High Unreviewed
CVE-2025-22936 was published Feb 6, 2025
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the... Moderate Unreviewed
CVE-2024-49797 was published Feb 6, 2025
Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered... High Unreviewed
CVE-2022-43934 was published Feb 4, 2025
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of... Low Unreviewed
CVE-2025-22475 was published Feb 4, 2025
Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky... Moderate Unreviewed
CVE-2024-37137 was published Feb 3, 2025
Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a... Critical Unreviewed
CVE-2022-3365 was published Jan 28, 2025
In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition... Moderate Unreviewed
CVE-2024-26317 was published Jan 27, 2025
IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0... Moderate Unreviewed
CVE-2024-27256 was published Jan 27, 2025
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect... Moderate Unreviewed
CVE-2024-38320 was published Jan 27, 2025
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than... Moderate Unreviewed
CVE-2024-22347 was published Jan 20, 2025
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used... High Unreviewed
CVE-2024-8603 was published Jan 15, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a... Moderate Unreviewed
CVE-2024-51456 was published Jan 12, 2025
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-52366 was published Jan 7, 2025
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected... Moderate Unreviewed
CVE-2024-41763 was published Jan 4, 2025
Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm High Unreviewed
CVE-2024-47921 was published Dec 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database