Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

184 advisories

Loading
IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6... Moderate Unreviewed
CVE-2024-38341 was published May 28, 2025
A vulnerability classified as problematic was found in calmkart Django-sso-server up to... Moderate Unreviewed
CVE-2025-4894 was published May 18, 2025
Weak server key used for TLS encryption. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2025-48960 was published Jun 4, 2025
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded... Moderate Unreviewed
CVE-2025-43925 was published Jun 3, 2025
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on... Moderate Unreviewed
CVE-2025-27524 was published May 15, 2025
Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Moderate Unreviewed
CVE-2025-22446 was published May 13, 2025
An Inadequate Encryption Strength issue was discovered in Schneider Electric Wonderware InTouch... Moderate Unreviewed
CVE-2017-5160 was published May 13, 2022
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the... Moderate Unreviewed
CVE-2016-6225 was published May 14, 2022
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the... Moderate Unreviewed
CVE-2016-10104 was published May 17, 2022
When viewing an email message A, which contains an attached message B, where B is encrypted or... Moderate Unreviewed
CVE-2022-1520 was published Dec 22, 2022
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to... Moderate Unreviewed
CVE-2005-4900 was published May 1, 2022
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet... Moderate Unreviewed
CVE-2011-3389 was published May 13, 2022
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could... Moderate Unreviewed
CVE-2022-43922 was published Feb 1, 2023
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be... Moderate Unreviewed
CVE-2020-36250 was published May 24, 2022
Electra Central AC unit – The unit opens an AP with an easily calculated password. Moderate Unreviewed
CVE-2023-24502 was published Jul 6, 2023
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not... Moderate Unreviewed
CVE-2024-29951 was published Apr 17, 2024
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more... Moderate Unreviewed
CVE-2024-13454 was published Jan 20, 2025
A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify®... Moderate Unreviewed
CVE-2024-13026 was published Jan 17, 2025
An issue was discovered in SubmitEntityAction in Wikibase in MediaWiki through 1.39.3. Because it... Moderate Unreviewed
CVE-2023-37301 was published Jun 30, 2023
In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying... Moderate Unreviewed
CVE-2023-20942 was published Jul 13, 2023
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed
CVE-2024-45259 was published Oct 24, 2024
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases,... Moderate Unreviewed
CVE-2013-2566 was published May 13, 2022
Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys... Moderate Unreviewed
CVE-2023-4333 was published Aug 15, 2023
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not... Moderate Unreviewed
CVE-2024-37034 was published Jul 27, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed
CVE-2024-28755 was published Apr 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database