Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,494
Maven
5,000+
npm
4,129
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

174 advisories

Loading
Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0... High Unreviewed
CVE-2025-46409 was published Aug 28, 2025
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic... High Unreviewed
CVE-2019-4160 was published May 24, 2022
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
jwt v5.4.3 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45770 was published Jul 31, 2025
php-jwt v6.11.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45769 was published Jul 31, 2025
Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on... High Unreviewed
CVE-2025-7398 was published Jul 18, 2025
Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab FT10 Energy Platform ... High Unreviewed
CVE-2019-13539 was published May 24, 2022
In Modem, there is a possible information disclosure due to incorrect error handling. This could... High Unreviewed
CVE-2025-20667 was published May 5, 2025
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management... High Unreviewed
CVE-2025-46626 was published May 2, 2025
An issue was discovered in the software on Vaultek Gun Safe VT20i products. There is no... High Unreviewed
CVE-2017-17436 was published May 14, 2022
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow... High Unreviewed
CVE-2016-2379 was published May 17, 2022
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and... High Unreviewed
CVE-2016-10102 was published May 17, 2022
The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may... High Unreviewed
CVE-2020-14481 was published Feb 25, 2022
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict... High Unreviewed
CVE-2014-0224 was published May 13, 2022
lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier... High Unreviewed
CVE-2013-4508 was published May 13, 2022
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a... High Unreviewed
CVE-2022-43460 was published Feb 13, 2023
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... High Unreviewed
CVE-2024-54089 was published Feb 11, 2025
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa... High Unreviewed
CVE-2024-29950 was published Apr 17, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0... High Unreviewed
CVE-2024-29969 was published Apr 19, 2024
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard... High Unreviewed
CVE-2023-30351 was published May 10, 2023
In multiple places of AccessibilityService, there is a possible way to hide the app from the user... High Unreviewed
CVE-2023-21109 was published May 16, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app... High Unreviewed
CVE-2023-32414 was published Jun 23, 2023
A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software... High Unreviewed
CVE-2020-3549 was published May 24, 2022
An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed
CVE-2024-45273 was published Oct 15, 2024
An issue in DrayTek Vigor310 devices through 4.3.2.6 allows an attacker to obtain sensitive... High Unreviewed
CVE-2024-41594 was published Oct 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database