Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

429 advisories

Loading
There is a possible escalation of privilege due to improperly used crypto. This could lead to... Critical Unreviewed
CVE-2024-32911 was published Jun 13, 2024
CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists that could cause... Moderate Unreviewed
CVE-2024-5559 was published Jun 12, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm... Moderate Unreviewed
CVE-2024-20070 was published Jun 3, 2024
The Progress MOVEit Automation configuration export function prior to 2024.0.1 uses a... Moderate Unreviewed
CVE-2024-4563 was published May 22, 2024
Web application manifests were stored by using an insecure MD5 hash which allowed for a hash... High Unreviewed
CVE-2024-4765 was published May 14, 2024
Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of a broken or risky... Moderate Unreviewed
CVE-2024-25968 was published May 14, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2023-40696 was published May 3, 2024
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2020-4874 was published May 3, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Low Unreviewed
CVE-2023-37396 was published Apr 19, 2024
Windows Authentication Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-29056 was published Apr 9, 2024
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for... Moderate Unreviewed
CVE-2023-50313 was published Apr 2, 2024
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic... Moderate Unreviewed
CVE-2024-25963 was published Mar 28, 2024
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits... Moderate Unreviewed
CVE-2024-28834 was published Mar 21, 2024
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic... High Unreviewed
CVE-2024-22463 was published Mar 4, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3... Moderate Unreviewed
CVE-2024-27255 was published Mar 3, 2024
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An... Low Unreviewed
CVE-2024-22458 was published Mar 1, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than... Moderate Unreviewed
CVE-2023-50312 was published Mar 1, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed
CVE-2023-51392 was published Feb 23, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34309 was published Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-34310 was published Feb 12, 2024
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,... Moderate Unreviewed
CVE-2024-22361 was published Feb 10, 2024
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable... Moderate Unreviewed
CVE-2024-22318 was published Feb 9, 2024
Use of a Broken or Risky Cryptographic Algorithm vulnerability in B&R Industrial Automation... Critical Unreviewed
CVE-2024-0323 was published Feb 5, 2024
A Marvin vulnerability side-channel leakage was found in the RSA decryption operation in the... Moderate Unreviewed
CVE-2023-6240 was published Feb 4, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses weaker than expected cryptographic algorithms that could allow... Moderate Unreviewed
CVE-2023-50937 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database