GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
438 advisories
Filter by severity
IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for...
Moderate
Unreviewed
CVE-2023-50313
was published
Apr 2, 2024
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242...
Moderate
Unreviewed
CVE-2020-11876
was published
May 24, 2022
** DISPUTED ** An issue was discovered in SMA Solar Technology products. The inverters make use...
Critical
Unreviewed
CVE-2017-9859
was published
May 13, 2022
Dell PowerScale OneFS, versions 8.2.2.x through 9.5.0.x contains a use of a broken cryptographic...
Moderate
Unreviewed
CVE-2024-25963
was published
Mar 28, 2024
HireVue Hiring Platform V1.0 suffers from Use of a Broken or Risky Cryptographic Algorithm.
High
Unreviewed
CVE-2022-37177
was published
Aug 30, 2022
Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic...
High
Unreviewed
CVE-2024-22463
was published
Mar 4, 2024
IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3...
Moderate
Unreviewed
CVE-2024-27255
was published
Mar 3, 2024
Dell Secure Connect Gateway, 5.18, contains an Inadequate Encryption Strength Vulnerability. An...
Low
Unreviewed
CVE-2024-22458
was published
Mar 1, 2024
IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.2 could provide weaker than...
Moderate
Unreviewed
CVE-2023-50312
was published
Mar 1, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
Saia Burgess Controls (SBC) PCD through 2022-05-06 uses a Broken or Risky Cryptographic Algorithm...
Moderate
Unreviewed
CVE-2022-30320
was published
Jul 29, 2022
The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three...
Critical
Unreviewed
CVE-2022-30273
was published
Jul 27, 2022
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the...
Moderate
Unreviewed
CVE-2005-4860
was published
May 1, 2022
Emerson OpenBSI through 2022-04-29 uses weak cryptography. It is an engineering environment for...
Moderate
Unreviewed
CVE-2022-29960
was published
Jul 27, 2022
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering...
Moderate
Unreviewed
CVE-2022-29959
was published
Aug 17, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,...
Moderate
Unreviewed
CVE-2007-6013
was published
May 1, 2022
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local...
Low
Unreviewed
CVE-2008-3775
was published
May 2, 2022
libxcrypt in SUSE openSUSE 11.0 uses the DES algorithm when the configuration specifies the MD5...
Moderate
Unreviewed
CVE-2008-3188
was published
May 1, 2022
TeeKai Tracking Online 1.0 uses weak encryption of web usage statistics in data/userlog/log.txt,...
Moderate
Unreviewed
CVE-2002-2058
was published
Apr 30, 2022
The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead...
Moderate
Unreviewed
CVE-2005-2946
was published
May 1, 2022
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34309
was published
Feb 12, 2024
IBM CICS TX Standard and Advanced 11.1 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-34310
was published
Feb 12, 2024
Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.
High
CVE-2023-51838
was published
for
meshcentral
(npm)
Feb 2, 2024
Magento 2 Community Edition Cryptographic Flaw
High
CVE-2019-7858
was published
for
magento/community-edition
(Composer)
May 24, 2022
IBM Semeru Runtime 8.0.302.0 through 8.0.392.0, 11.0.12.0 through 11.0.21.0, 17.0.1.0 - 17.0.9.0,...
Moderate
Unreviewed
CVE-2024-22361
was published
Feb 10, 2024
ProTip!
Advisories are also available from the
GraphQL API