Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

190 advisories

Loading
In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition... Moderate Unreviewed
CVE-2024-26317 was published Jan 27, 2025
IBM MQ Container 3.0.0, 3.0.1, 3.1.0 through 3.1.3 CD, 2.0.0 LTS through 2.0.22 LTS and 2.4.0... Moderate Unreviewed
CVE-2024-27256 was published Jan 27, 2025
IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect... Moderate Unreviewed
CVE-2024-38320 was published Jan 27, 2025
IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. 25 uses weaker than... Moderate Unreviewed
CVE-2024-22347 was published Jan 20, 2025
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an... Moderate Unreviewed
CVE-2022-46140 was published Dec 13, 2022
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to... Moderate Unreviewed
CVE-2024-52366 was published Jan 7, 2025
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 uses weaker than expected... Moderate Unreviewed
CVE-2024-41763 was published Jan 4, 2025
Dell RecoverPoint for VMs, version(s) 6.0.x contain(s) a Use of a Broken or Risky Cryptographic... Moderate Unreviewed
CVE-2024-28980 was published Dec 13, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2024-41775 was published Dec 3, 2024
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed
CVE-2023-40660 was published Nov 6, 2023
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits... Moderate Unreviewed
CVE-2024-28834 was published Mar 21, 2024
In modem, there is a possible information disclosure due to using risky cryptographic algorithm... Moderate Unreviewed
CVE-2024-20070 was published Jun 3, 2024
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2024-43189 was published Nov 15, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user... Moderate Unreviewed
CVE-2020-11916 was published Nov 7, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware... Moderate Unreviewed
CVE-2023-5962 was published Dec 23, 2023
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as... Moderate Unreviewed
CVE-2024-10128 was published Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a... Moderate Unreviewed
CVE-2024-48016 was published Oct 18, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware... Moderate Unreviewed
CVE-2023-51392 was published Feb 23, 2024
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and... Moderate Unreviewed
CVE-2023-37484 was published Aug 8, 2023
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4327 was published Aug 15, 2023
IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to... Moderate Unreviewed
CVE-2023-40371 was published Aug 24, 2023
IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable... Moderate Unreviewed
CVE-2024-22318 was published Feb 9, 2024
IBM Maximo Application Suite - Manage Component 8.10, 8.11, and 9.0 uses weaker than expected... Moderate Unreviewed
CVE-2024-37068 was published Sep 7, 2024
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses weaker than expected... Moderate Unreviewed
CVE-2024-39745 was published Aug 22, 2024
Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm... Moderate Unreviewed
CVE-2024-28972 was published Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database