GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
144 advisories
Filter by severity
A flaw was found in 3scale’s APIcast gateway that enabled the TLS 1.0 protocol. An attacker could...
High
Unreviewed
CVE-2019-14852
was published
May 24, 2022
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Air Conditioning System G-150AD...
High
Unreviewed
CVE-2022-24296
was published
Jun 9, 2022
A potential security vulnerability has been identified in HPE StoreOnce Software. The SSH server...
High
Unreviewed
CVE-2022-28622
was published
Jun 28, 2022
On Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 devices, the RPC endpoint crtc_fw_upgrade...
High
Unreviewed
CVE-2022-28370
was published
Jul 15, 2022
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm.
High
Unreviewed
CVE-2022-37177
was published
Aug 30, 2022
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database...
High
Unreviewed
CVE-2021-27784
was published
Nov 1, 2022
IBM CICS TX 11.7 uses weaker than expected cryptographic algorithms that could allow an attacker...
High
Unreviewed
CVE-2022-34319
was published
Nov 14, 2022
IBM CICS TX 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker...
High
Unreviewed
CVE-2022-34320
was published
Nov 15, 2022
IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could...
High
Unreviewed
CVE-2022-34361
was published
Dec 6, 2022
IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an...
High
Unreviewed
CVE-2022-38391
was published
Dec 20, 2022
IBM Security Verify Governance, Identity Manager 10.0.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22461
was published
Dec 22, 2022
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected...
High
Unreviewed
CVE-2022-43917
was published
Jan 26, 2023
IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker...
High
Unreviewed
CVE-2022-22462
was published
Jan 26, 2023
Dell PowerScale OneFS, versions 9.2.0.x through 9.4.0.x contain an information vulnerability. A...
High
Unreviewed
CVE-2022-34444
was published
Feb 11, 2023
Some cryptographic issues in Fortinet FortiNAC versions 9.4.0 through 9.4.1, 9.2.0 through 9.2.7,...
High
Unreviewed
CVE-2022-40675
was published
Feb 16, 2023
TP-Link router TL-WR940N V6 3.19.1 Build 180119 uses a deprecated MD5 algorithm to hash the admin...
High
Unreviewed
CVE-2023-23040
was published
Feb 22, 2023
SanDisk PrivateAccess versions prior to 6.4.9 support insecure TLS 1.0 and TLS 1.1 protocols...
High
Unreviewed
CVE-2023-22812
was published
Mar 24, 2023
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
High
Unreviewed
CVE-2023-28509
was published
Mar 29, 2023
IBM Counter Fraud Management for Safer Payments 6.1.0.00 through 6.1.1.02, 6.2.0.00 through 6.2.2...
High
Unreviewed
CVE-2023-27557
was published
Apr 28, 2023
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11...
High
Unreviewed
CVE-2023-30441
was published
Apr 29, 2023
A use of a weak cryptographic algorithm vulnerability [CWE-327] in FortiNAC 9.4.1 and below, 9.2...
High
Unreviewed
CVE-2022-45858
was published
May 4, 2023
IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic...
High
Unreviewed
CVE-2022-22313
was published
May 6, 2023
CloudLink 7.1.2 and all prior versions contain a broken or risky cryptographic algorithm...
High
Unreviewed
CVE-2023-28076
was published
May 16, 2023
A use of a broken or risky cryptographic algorithm [CWE-327] in Fortinet FortiSIEM before 6.7.1...
High
Unreviewed
CVE-2022-43949
was published
Jun 13, 2023
In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type...
High
Unreviewed
CVE-2023-21115
was published
Jun 15, 2023
ProTip!
Advisories are also available from the
GraphQL API