Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

195 advisories

Loading
Bouncy Castle has a flaw in the Low-level interface to RSA key pair generator High
CVE-2018-1000180 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 16, 2018
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function... High Unreviewed
CVE-2025-9146 was published Aug 19, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
poco v1.14.1-release was discovered to contain weak encryption. High Unreviewed
CVE-2025-45766 was published Aug 6, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... High Unreviewed
CVE-2025-51726 was published Aug 4, 2025
jose v6.0.10 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45767 was published Aug 1, 2025
HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can... High Unreviewed
CVE-2023-50351 was published Jan 3, 2024
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption,... High Unreviewed
CVE-2023-50350 was published Jan 3, 2024
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24007 was published May 13, 2025
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2025-2539 was published Mar 20, 2025
Emissary May Use a Broken or Risky Cryptographic Algorithm High
CVE-2025-27508 was published for gov.nsa.emissary:emissary (Maven) Mar 5, 2025
0dd moweiyang0214
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application... High Unreviewed
CVE-2024-48847 was published Dec 5, 2024
Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J High
CVE-2015-0226 was published for org.apache.ws.security:wss4j (Maven) May 14, 2022
r3kumar
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5... High Unreviewed
CVE-2023-28509 was published Mar 29, 2023
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W... High Unreviewed
CVE-2025-22936 was published Feb 6, 2025
Unauthenticated crypto and weak IV in Magento\Framework\Encryption High
CVE-2016-6485 was published for magento/community-edition (Composer) Nov 20, 2019
An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501... High Unreviewed
CVE-2024-52884 was published Feb 7, 2025
Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered... High Unreviewed
CVE-2022-43934 was published Feb 4, 2025
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used... High Unreviewed
CVE-2024-8603 was published Jan 15, 2025
Smadar SPS – CWE-327: Use of a Broken or Risky Cryptographic Algorithm High Unreviewed
CVE-2024-47921 was published Dec 30, 2024
Bit flip attack vulnerability in cookie-encrypter High
CVE-2024-53441 was published for cookie-encrypter (npm) Dec 9, 2024
mathysEthical
Portainer improperly uses an encryption algorithm in the AesEncrypt function High
CVE-2024-33662 was published for github.com/portainer/portainer (Go) Oct 2, 2024
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at... High Unreviewed
CVE-2024-51556 was published Nov 4, 2024
YesWiki Uses a Broken or Risky Cryptographic Algorithm High
CVE-2024-51478 was published for yeswiki/yeswiki (Composer) Oct 31, 2024
Nishacid
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database