Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

422 advisories

Loading
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered... High Unreviewed
CVE-2023-28006 was published Jun 23, 2023
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability High
CVE-2023-34758 was published for github.com/bishopfox/sliver (Go) Jun 21, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type... High Unreviewed
CVE-2023-21115 was published Jun 15, 2023
A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1... High Unreviewed
CVE-2022-43949 was published Jun 13, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade... Moderate Unreviewed
CVE-2023-28043 was published Jun 1, 2023
A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as... Low Unreviewed
CVE-2023-2900 was published May 25, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm... High Unreviewed
CVE-2023-28076 was published May 16, 2023
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic... High Unreviewed
CVE-2022-22313 was published May 6, 2023
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2... High Unreviewed
CVE-2022-45858 was published May 4, 2023
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11... High Unreviewed
CVE-2023-30441 was published Apr 29, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2... High Unreviewed
CVE-2023-27557 was published Apr 28, 2023
Chosen Ciphertext Attack in Jose4j Moderate
GHSA-jgvc-jfgh-rjvv was published for org.bitbucket.b_c:jose4j (Maven) Apr 27, 2023
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support... Moderate Unreviewed
CVE-2022-40722 was published Apr 25, 2023
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can... Moderate Unreviewed
CVE-2022-45170 was published Apr 14, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... High Unreviewed
CVE-2023-28509 was published Mar 29, 2023
SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols... High Unreviewed
CVE-2023-22812 was published Mar 24, 2023
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by... Critical Unreviewed
CVE-2022-45141 was published Mar 7, 2023
TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin... High Unreviewed
CVE-2023-23040 was published Feb 22, 2023
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm... Moderate Unreviewed
CVE-2023-23695 was published Feb 17, 2023
Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7,... High Unreviewed
CVE-2022-40675 was published Feb 16, 2023
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote... Moderate Unreviewed
CVE-2022-22564 was published Feb 14, 2023
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A... High Unreviewed
CVE-2022-34444 was published Feb 11, 2023
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker... Moderate Unreviewed
CVE-2022-35720 was published Feb 8, 2023
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker... High Unreviewed
CVE-2022-22462 was published Jan 26, 2023
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected... High Unreviewed
CVE-2022-43917 was published Jan 26, 2023
ProTip! Advisories are also available from the GraphQL API