GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
451 advisories
Filter by severity
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-43189
was published
Nov 15, 2024
paillier-zk has ambiguous challenge derivation
Low
GHSA-fpr5-jp2j-4q2f
was published
for
paillier-zk
(Rust)
Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation
Low
GHSA-rm66-9gh4-4gp8
was published
for
cggmp21
(Rust)
Nov 12, 2024
cggmp21-keygen has ambiguous challenge derivation
Low
GHSA-7jjx-3qw9-j6h6
was published
for
cggmp21-keygen
(Rust)
Nov 12, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user...
Moderate
Unreviewed
CVE-2020-11916
was published
Nov 7, 2024
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
YesWiki Uses a Broken or Risky Cryptographic Algorithm
High
CVE-2024-51478
was published
for
yeswiki/yeswiki
(Composer)
Oct 31, 2024
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as...
Moderate
Unreviewed
CVE-2024-10128
was published
Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a...
Moderate
Unreviewed
CVE-2024-48016
was published
Oct 18, 2024
Portainer improperly uses an encryption algorithm in the AesEncrypt function
High
CVE-2024-33662
was published
for
github.com/portainer/portainer
(Go)
Oct 2, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
Dell PowerScale InsightIQ, versions 5.0 through 5.1, contains a Use of a Broken or Risky...
High
Unreviewed
CVE-2024-39583
was published
Sep 10, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-37068
was published
Sep 7, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39745
was published
Aug 22, 2024
Gorush uses deprecated TLS versions
Moderate
CVE-2024-41270
was published
for
github.com/appleboy/gorush
(Go)
Aug 6, 2024
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-28972
was published
Aug 1, 2024
Beego privilege escalation vulnerability
High
CVE-2024-40465
was published
for
github.com/beego/beego/v2
(Go)
Jul 31, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected...
Moderate
Unreviewed
CVE-2024-39731
was published
Jul 15, 2024
Windows Cryptographic Services Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-30098
was published
Jul 9, 2024
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic...
Moderate
Unreviewed
CVE-2023-41928
was published
Jul 2, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be...
Moderate
Unreviewed
CVE-2023-41927
was published
Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky...
Moderate
Unreviewed
CVE-2024-32852
was published
Jul 2, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected...
Moderate
Unreviewed
CVE-2023-38371
was published
Jun 27, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an...
Moderate
Unreviewed
CVE-2024-29175
was published
Jun 26, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
ProTip!
Advisories are also available from the
GraphQL API