Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

422 advisories

Loading
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic... High Unreviewed
CVE-2024-22463 was published Mar 4, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An... Low Unreviewed
CVE-2024-22458 was published Mar 1, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed
CVE-2023-51392 was published Feb 23, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34309 was published Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34310 was published Feb 12, 2024
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,... Moderate Unreviewed
CVE-2024-22361 was published Feb 10, 2024
Vyper sha3 codegen bug Low
CVE-2024-24559 was published for vyper (pip) Feb 5, 2024
cyberthirst kuroi8
Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation... Critical Unreviewed
CVE-2024-0323 was published Feb 5, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the... Moderate Unreviewed
CVE-2023-6240 was published Feb 4, 2024
Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm. High
CVE-2023-51838 was published for meshcentral (npm) Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2023-50937 was published Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2023-50939 was published Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker... Moderate Unreviewed
CVE-2024-1040 was published Feb 2, 2024
DeviceFarmer stf uses DES-ECB Critical
CVE-2023-51839 was published for @devicefarmer/stf (npm) Jan 29, 2024
CL-Signatures Revocation Scheme in Ursa has flaws that allow a holder to demonstrate non-revocation of a revoked credential Moderate
CVE-2024-21670 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
Ursa CL-Signatures Revocation allows verifiers to generate unique identifiers for holders Moderate
CVE-2024-22192 was published for anoncreds-clsignatures (Rust) Jan 16, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded... High Unreviewed
CVE-2023-49259 was published Jan 12, 2024
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,... High Unreviewed
CVE-2023-50350 was published Jan 3, 2024
Sympa before 6.2.62 relies on a cookie parameter for certain security objectives, but does not... High Unreviewed
CVE-2021-46900 was published Dec 31, 2023
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware... Moderate Unreviewed
CVE-2023-5962 was published Dec 23, 2023
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated... Moderate Unreviewed
CVE-2023-28053 was published Dec 22, 2023
bsock uses weak hashing algorithms Critical
CVE-2023-50475 was published for bsock (npm) Dec 21, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms... Moderate Unreviewed
CVE-2022-43843 was published Dec 14, 2023
ProTip! Advisories are also available from the GraphQL API