Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,334
Maven
5,000+
npm
3,967
NuGet
713
pip
3,763
Pub
12
RubyGems
923
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

412 advisories

Loading
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to... Moderate Unreviewed
CVE-2025-49196 was published Jun 12, 2025
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX,... Moderate Unreviewed
CVE-2025-3938 was published May 22, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24007 was published May 13, 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES ... Low Unreviewed
CVE-2025-2545 was published May 5, 2025
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2024-55912 was published May 2, 2025
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols... Critical Unreviewed
CVE-2025-3200 was published Apr 28, 2025
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit... Moderate Unreviewed
CVE-2024-30152 was published Apr 25, 2025
An Improper Authorization vulnerability was identified in the EOL OVA based connect component... Moderate Unreviewed
CVE-2025-3838 was published Apr 21, 2025
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected... Moderate Unreviewed
CVE-2024-22314 was published Apr 16, 2025
IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-43851 was published Apr 14, 2025
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This... Low Unreviewed
CVE-2025-2920 was published Mar 28, 2025
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2024-31896 was published Mar 25, 2025
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2025-2539 was published Mar 20, 2025
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient... Moderate Unreviewed
CVE-2025-26486 was published Mar 19, 2025
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2024-45643 was published Mar 14, 2025
There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS. This vulnerability is... Moderate Unreviewed
CVE-2025-26708 was published Mar 7, 2025
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 Rich Client  uses... Moderate Unreviewed
CVE-2024-28780 was published Feb 19, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of... Moderate Unreviewed
CVE-2024-10405 was published Feb 15, 2025
An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501... High Unreviewed
CVE-2024-52884 was published Feb 7, 2025
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W... High Unreviewed
CVE-2025-22936 was published Feb 6, 2025
IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive information, caused by the... Moderate Unreviewed
CVE-2024-49797 was published Feb 6, 2025
Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered... High Unreviewed
CVE-2022-43934 was published Feb 4, 2025
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of... Low Unreviewed
CVE-2025-22475 was published Feb 4, 2025
Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky... Moderate Unreviewed
CVE-2024-37137 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database