Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
Ciphertext Malleability Issue in Tink Java Moderate
CVE-2020-8929 was published for com.google.crypto.tink:tink (Maven) Oct 16, 2020
reteptilian
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX,... Moderate Unreviewed
CVE-2025-3938 was published May 22, 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES ... Low Unreviewed
CVE-2025-2545 was published May 5, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24007 was published May 13, 2025
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2024-55912 was published May 2, 2025
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols... Critical Unreviewed
CVE-2025-3200 was published Apr 28, 2025
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit... Moderate Unreviewed
CVE-2024-30152 was published Apr 25, 2025
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing... Moderate Unreviewed
CVE-2022-20513 was published Dec 20, 2022
An Improper Authorization vulnerability was identified in the EOL OVA based connect component... Moderate Unreviewed
CVE-2025-3838 was published Apr 21, 2025
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67... Moderate Unreviewed
CVE-2017-17382 was published May 13, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed
CVE-2014-8687 was published May 17, 2022
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which... Critical Unreviewed
CVE-2016-6602 was published May 14, 2022
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected... Moderate Unreviewed
CVE-2024-22314 was published Apr 16, 2025
IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-43851 was published Apr 14, 2025
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state... Moderate Unreviewed
CVE-2015-2808 was published May 13, 2022
The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit... Moderate Unreviewed
CVE-2007-6755 was published May 1, 2022
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum... Moderate Unreviewed
CVE-2021-36647 was published Jan 17, 2023
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead... Moderate Unreviewed
CVE-2005-2946 was published May 1, 2022
IBM Robotic Process Automation 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19 could allow a... Moderate Unreviewed
CVE-2024-51456 was published Jan 12, 2025
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This... Low Unreviewed
CVE-2025-2920 was published Mar 28, 2025
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2024-31896 was published Mar 25, 2025
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2025-2539 was published Mar 20, 2025
IBM Security QRadar 3.12 EDR uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2024-45643 was published Mar 14, 2025
There is a configuration defect vulnerability in ZTELink 5.4.9 for iOS. This vulnerability is... Moderate Unreviewed
CVE-2025-26708 was published Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database