Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

514 advisories

Loading
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator High
CVE-2018-1000180 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 16, 2018
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function... High Unreviewed
CVE-2025-9146 was published Aug 19, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than... Moderate Unreviewed
CVE-2024-45671 was published Sep 10, 2025
Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of... Moderate Unreviewed
CVE-2024-10405 was published Feb 15, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This... Low Unreviewed
CVE-2025-9383 was published Aug 24, 2025
IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0... Moderate Unreviewed
CVE-2024-27256 was published Jan 27, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Moderate Unreviewed
CVE-2024-41986 was published Aug 12, 2025
Gessler GmbH WEB-MASTER user account is stored using a weak hashing algorithm. The attacker can... Moderate Unreviewed
CVE-2024-1040 was published Feb 2, 2024
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
poco v1.14.1-release was discovered to contain weak encryption. High Unreviewed
CVE-2025-45766 was published Aug 6, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... High Unreviewed
CVE-2025-51726 was published Aug 4, 2025
jose v6.0.10 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45767 was published Aug 1, 2025
A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability... Low Unreviewed
CVE-2025-8260 was published Jul 28, 2025
Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky... Moderate Unreviewed
CVE-2025-30477 was published Jul 21, 2025
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of... Moderate Unreviewed
CVE-2024-49784 was published Jul 8, 2025
Use of a broken or risky cryptographic algorithm in Office Developer Platform allows an... Low Unreviewed
CVE-2025-49756 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2025-41223 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2023-52236 was published Jul 8, 2025
The VNC authentication mechanism bases on a challenge-response system where both server and... Moderate Unreviewed
CVE-2025-27458 was published Jul 3, 2025
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient... Moderate Unreviewed
CVE-2025-26486 was published Mar 19, 2025
During the initial setup of the device the user connects to an access point broadcast by the... Moderate Unreviewed
CVE-2025-6521 was published Jun 27, 2025
HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can... High Unreviewed
CVE-2023-50351 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,... High Unreviewed
CVE-2023-50350 was published Jan 3, 2024
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to... Moderate Unreviewed
CVE-2025-49196 was published Jun 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database