GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
358 advisories
Filter by severity
A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy...
High
Unreviewed
CVE-2020-7514
was published
May 24, 2022
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate
Unreviewed
CVE-2020-5943
was published
May 24, 2022
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support...
Moderate
Unreviewed
CVE-2022-40722
was published
Apr 25, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2...
High
Unreviewed
CVE-2023-27557
was published
Apr 28, 2023
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11...
High
Unreviewed
CVE-2023-30441
was published
Apr 29, 2023
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2...
High
Unreviewed
CVE-2022-45858
was published
May 4, 2023
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22313
was published
May 6, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm...
High
Unreviewed
CVE-2023-28076
was published
May 16, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade...
Moderate
Unreviewed
CVE-2023-28043
was published
Jun 1, 2023
A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1...
High
Unreviewed
CVE-2022-43949
was published
Jun 13, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type...
High
Unreviewed
CVE-2023-21115
was published
Jun 15, 2023
The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered...
High
Unreviewed
CVE-2023-28006
was published
Jun 23, 2023
The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure...
Moderate
Unreviewed
CVE-2023-36608
was published
Jul 3, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused...
Moderate
Unreviewed
CVE-2023-35890
was published
Jul 7, 2023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM...
High
Unreviewed
CVE-2023-36749
was published
Jul 11, 2023
there is a possible way to bypass cryptographic assurances due to a logic error in the code. This...
High
Unreviewed
CVE-2023-21399
was published
Jul 13, 2023
SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm (TEA) with a hardcoded key to...
Critical
Unreviewed
CVE-2023-34130
was published
Jul 13, 2023
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that...
High
Unreviewed
CVE-2021-38933
was published
Jul 19, 2023
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can...
High
Unreviewed
CVE-2023-23346
was published
Aug 9, 2023
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can...
High
Unreviewed
CVE-2023-23347
was published
Aug 9, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4326
was published
Aug 15, 2023
Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration...
High
Unreviewed
CVE-2023-4331
was published
Aug 15, 2023
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2023-38730
was published
Aug 28, 2023
Vault Key Sealed With SHA1 PCRs
The measured boot solution implemented in EVE OS leans on...
High
Unreviewed
CVE-2023-43635
was published
Sep 20, 2023
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A...
Moderate
Unreviewed
CVE-2023-39252
was published
Sep 21, 2023
ProTip!
Advisories are also available from the
GraphQL API