GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
469 advisories
Filter by severity
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys...
Moderate
Unreviewed
CVE-2023-4327
was published
Aug 15, 2023
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
Key confusion through non-blocklisted public key formats
High
CVE-2022-29217
was published
for
pyjwt
(pip)
May 24, 2022
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a...
Moderate
Unreviewed
CVE-2024-48016
was published
Oct 18, 2024
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as...
Moderate
Unreviewed
CVE-2024-10128
was published
Oct 18, 2024
Python-RSA decryption of ciphertext leads to DoS
High
CVE-2020-13757
was published
for
rsa
(pip)
Mar 24, 2021
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
YesWiki Uses a Broken or Risky Cryptographic Algorithm
High
CVE-2024-51478
was published
for
yeswiki/yeswiki
(Composer)
Oct 31, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user...
Moderate
Unreviewed
CVE-2020-11916
was published
Nov 7, 2024
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
cggmp21-keygen has ambiguous challenge derivation
Low
GHSA-7jjx-3qw9-j6h6
was published
for
cggmp21-keygen
(Rust)
Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation
Low
GHSA-rm66-9gh4-4gp8
was published
for
cggmp21
(Rust)
Nov 12, 2024
paillier-zk has ambiguous challenge derivation
Low
GHSA-fpr5-jp2j-4q2f
was published
for
paillier-zk
(Rust)
Nov 12, 2024
Ciphertext Malleability Issue in Tink Java
Moderate
CVE-2020-8929
was published
for
com.google.crypto.tink:tink
(Maven)
Oct 16, 2020
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-43189
was published
Nov 15, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-20070
was published
Jun 3, 2024
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
Critical
CVE-2023-34758
was published
for
github.com/bishopfox/sliver
(Go)
Jun 21, 2023
python-jose algorithm confusion with OpenSSH ECDSA keys
Critical
CVE-2024-33663
was published
for
python-jose
(pip)
Apr 26, 2024
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits...
Moderate
Unreviewed
CVE-2024-28834
was published
Mar 21, 2024
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660
was published
Nov 6, 2023
ProTip!
Advisories are also available from the
GraphQL API