Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected... Moderate Unreviewed
CVE-2024-22314 was published Apr 16, 2025
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which... Critical Unreviewed
CVE-2016-6602 was published May 14, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed
CVE-2014-8687 was published May 17, 2022
Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67... Moderate Unreviewed
CVE-2017-17382 was published May 13, 2022
An Improper Authorization vulnerability was identified in the EOL OVA based connect component... Moderate Unreviewed
CVE-2025-3838 was published Apr 21, 2025
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing... Moderate Unreviewed
CVE-2022-20513 was published Dec 20, 2022
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit... Moderate Unreviewed
CVE-2024-30152 was published Apr 25, 2025
An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols... Critical Unreviewed
CVE-2025-3200 was published Apr 28, 2025
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2024-55912 was published May 2, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24007 was published May 13, 2025
Vulnerability in Best Practical Solutions, LLC's Request Tracker v5.0.7, where the Triple DES ... Low Unreviewed
CVE-2025-2545 was published May 5, 2025
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX,... Moderate Unreviewed
CVE-2025-3938 was published May 22, 2025
Ciphertext Malleability Issue in Tink Java Moderate
CVE-2020-8929 was published for com.google.crypto.tink:tink (Maven) Oct 16, 2020
reteptilian
The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during... Moderate Unreviewed
CVE-2021-40528 was published May 24, 2022
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to... Moderate Unreviewed
CVE-2025-49196 was published Jun 12, 2025
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,... High Unreviewed
CVE-2023-50350 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can... High Unreviewed
CVE-2023-50351 was published Jan 3, 2024
During the initial setup of the device the user connects to an access point broadcast by the... Moderate Unreviewed
CVE-2025-6521 was published Jun 27, 2025
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient... Moderate Unreviewed
CVE-2025-26486 was published Mar 19, 2025
The VNC authentication mechanism bases on a challenge-response system where both server and... Moderate Unreviewed
CVE-2025-27458 was published Jul 3, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2023-52236 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2025-41223 was published Jul 8, 2025
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an... Low Unreviewed
CVE-2025-49756 was published Jul 8, 2025
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of... Moderate Unreviewed
CVE-2024-49784 was published Jul 8, 2025
Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky... Moderate Unreviewed
CVE-2025-30477 was published Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database