GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
167 advisories
Filter by severity
The device is observed to accept deprecated TLS protocols, increasing the risk of cryptographic...
Moderate
Unreviewed
CVE-2023-41928
was published
Jul 2, 2024
The server supports at least one cipher suite which is on the NCSC-NL list of cipher suites to be...
Moderate
Unreviewed
CVE-2023-41927
was published
Jul 2, 2024
Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.0 contain use of a broken or risky...
Moderate
Unreviewed
CVE-2024-32852
was published
Jul 2, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the...
Moderate
Unreviewed
CVE-2023-6240
was published
Feb 4, 2024
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected...
Moderate
Unreviewed
CVE-2023-38371
was published
Jun 27, 2024
Dell PowerProtect Data Domain, versions prior to 7.13.0.0, LTS 7.7.5.40, LTS 7.10.1.30 contain an...
Moderate
Unreviewed
CVE-2024-29175
was published
Jun 26, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med...
Moderate
Unreviewed
CVE-2024-3264
was published
Jun 24, 2024
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could
cause...
Moderate
Unreviewed
CVE-2024-5559
was published
Jun 12, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a...
Moderate
Unreviewed
CVE-2024-4563
was published
May 22, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky...
Moderate
Unreviewed
CVE-2024-25968
was published
May 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2023-40696
was published
May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic...
Moderate
Unreviewed
CVE-2020-4874
was published
May 3, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can...
Moderate
Unreviewed
CVE-2022-45170
was published
Apr 14, 2023
On certain Samsung P(9.0) phones, an attacker with physical access can start a TCP Dump capture...
Moderate
Unreviewed
CVE-2019-11341
was published
May 24, 2022
Dell NetWorker Virtual Edition versions 19.8 and below contain the use of deprecated...
Moderate
Unreviewed
CVE-2023-28053
was published
Dec 22, 2023
Windows Authentication Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-29056
was published
Apr 9, 2024
Dell SCG Policy Manager 5.16.00.14 contains a broken cryptographic algorithm vulnerability. A...
Moderate
Unreviewed
CVE-2023-39252
was published
Sep 21, 2023
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security, caused...
Moderate
Unreviewed
CVE-2023-35890
was published
Jul 7, 2023
The affected TBox RTUs store hashed passwords using MD5 encryption, which is an insecure...
Moderate
Unreviewed
CVE-2023-36608
was published
Jul 3, 2023
Dell SCG 5.14 contains an information disclosure vulnerability during the SRS to SCG upgrade...
Moderate
Unreviewed
CVE-2023-28043
was published
Jun 1, 2023
A misconfiguration of RSA padding implemented in the PingID Adapter for PingFederate to support...
Moderate
Unreviewed
CVE-2022-40722
was published
Apr 25, 2023
In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed...
Moderate
Unreviewed
CVE-2020-5943
was published
May 24, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential...
Moderate
Unreviewed
CVE-2019-18659
was published
May 24, 2022
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used...
Moderate
Unreviewed
CVE-2018-5745
was published
May 24, 2022
EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable to information exposure in...
Moderate
Unreviewed
CVE-2019-16116
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API