GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
214 advisories
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than...
Moderate, Unreviewed. CVE-2024-45671 was published Sep 10, 2025

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of...
Moderate, Unreviewed. CVE-2024-10405 was published Feb 15, 2025

IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0...
Moderate, Unreviewed. CVE-2024-27256 was published Jan 27, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=...
Moderate, Unreviewed. CVE-2024-41986 was published Aug 12, 2025

Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can...
Moderate, Unreviewed. CVE-2024-1040 was published Feb 2, 2024

Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky...
Moderate, Unreviewed. CVE-2025-30477 was published Jul 21, 2025

IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of...
Moderate, Unreviewed. CVE-2024-49784 was published Jul 8, 2025

A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All...
Moderate, Unreviewed. CVE-2025-41223 was published Jul 8, 2025

A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All...
Moderate, Unreviewed. CVE-2023-52236 was published Jul 8, 2025

The VNC authentication mechanism is based on a challenge-response system where both server and...
Moderate, Unreviewed. CVE-2025-27458 was published Jul 3, 2025

Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient...
Moderate, Unreviewed. CVE-2025-26486 was published Mar 19, 2025

During the initial setup of the device the user connects to an access point broadcast by the...
Moderate, Unreviewed. CVE-2025-6521 was published Jun 27, 2025

A service supports the use of a deprecated and unsafe TLS version. This could be exploited to...
Moderate, Unreviewed. CVE-2025-49196 was published Jun 12, 2025

The ElGamal implementation in Libgcrypt before 1.9.4 allows plaintext recovery because, during...
Moderate, Unreviewed. CVE-2021-40528 was published May 24, 2022

Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX,...
Moderate, Unreviewed. CVE-2025-3938 was published May 22, 2025

IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that...
Moderate, Unreviewed. CVE-2024-55912 was published May 2, 2025

HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit...
Moderate, Unreviewed. CVE-2024-30152 was published Apr 25, 2025

In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing...
Moderate, Unreviewed. CVE-2022-20513 was published Dec 20, 2022

An Improper Authorization vulnerability was identified in the EOL OVA based connect component...
Moderate, Unreviewed. CVE-2025-3838 was published Apr 21, 2025

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.5 before build 67...
Moderate, Unreviewed. CVE-2017-17382 was published May 13, 2022

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected...
Moderate, Unreviewed. CVE-2024-22314 was published Apr 16, 2025

IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that...
Moderate, Unreviewed. CVE-2022-43851 was published Apr 14, 2025

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state...
Moderate, Unreviewed. CVE-2015-2808 was published May 13, 2022

The NIST SP 800-90A default statement of the Dual Elliptic Curve Deterministic Random Bit...
Moderate, Unreviewed. CVE-2007-6755 was published May 1, 2022

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum...
Moderate, Unreviewed. CVE-2021-36647 was published Jan 17, 2023