GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
172 advisories
Filter by severity
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50937
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow...
Moderate
Unreviewed
CVE-2023-50939
was published
Feb 2, 2024
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker...
Moderate
Unreviewed
CVE-2024-1040
was published
Feb 2, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated...
Moderate
Unreviewed
CVE-2023-28053
was published
Dec 22, 2023
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms...
Moderate
Unreviewed
CVE-2022-43843
was published
Dec 14, 2023
Brocade Fabric OS (FOS) hardware
platforms running any version of Brocade Fabric OS software,...
Moderate
Unreviewed
CVE-2021-27795
was published
Dec 6, 2023
The TETRA TA61 identity encryption function internally uses a 64-bit value derived exclusively...
Moderate
Unreviewed
CVE-2022-24403
was published
Dec 5, 2023
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to...
Moderate
Unreviewed
CVE-2023-26024
was published
Dec 1, 2023
IBM CICS TX Advanced 10.1 uses weaker than expected cryptographic algorithms that could allow an...
Moderate
Unreviewed
CVE-2023-38361
was published
Nov 18, 2023
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A...
Moderate
Unreviewed
CVE-2023-39252
was published
Sep 21, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused...
Moderate
Unreviewed
CVE-2023-35890
was published
Jul 7, 2023
The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure...
Moderate
Unreviewed
CVE-2023-36608
was published
Jul 3, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade...
Moderate
Unreviewed
CVE-2023-28043
was published
Jun 1, 2023
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support...
Moderate
Unreviewed
CVE-2022-40722
was published
Apr 25, 2023
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can...
Moderate
Unreviewed
CVE-2022-45170
was published
Apr 14, 2023
Dell Secure Connect Gateway (SCG) version 5.14.00.12 contains a broken cryptographic algorithm...
Moderate
Unreviewed
CVE-2023-23695
was published
Feb 17, 2023
Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote...
Moderate
Unreviewed
CVE-2022-22564
was published
Feb 14, 2023
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker...
Moderate
Unreviewed
CVE-2022-35720
was published
Feb 8, 2023
All versions of Econolite EOS traffic control software are vulnerable to CWE-328: Use of Weak...
Moderate
Unreviewed
CVE-2023-0452
was published
Jan 26, 2023
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum...
Moderate
Unreviewed
CVE-2021-36647
was published
Jan 17, 2023
The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health...
Moderate
Unreviewed
CVE-2023-0296
was published
Jan 17, 2023
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing...
Moderate
Unreviewed
CVE-2022-20513
was published
Dec 20, 2022
A vulnerability, which was classified as problematic, has been found in Click Studios...
Moderate
Unreviewed
CVE-2022-4610
was published
Dec 19, 2022
ProTip!
Advisories are also available from the
GraphQL API