GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
452 advisories
Filter by severity
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660
was published
Nov 6, 2023
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits...
Moderate
Unreviewed
CVE-2024-28834
was published
Mar 21, 2024
python-jose algorithm confusion with OpenSSH ECDSA keys
Critical
CVE-2024-33663
was published
for
python-jose
(pip)
Apr 26, 2024
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability
Critical
CVE-2023-34758
was published
for
github.com/bishopfox/sliver
(Go)
Jun 21, 2023
In modem, there is a possible information disclosure due to using risky cryptographic algorithm...
Moderate
Unreviewed
CVE-2024-20070
was published
Jun 3, 2024
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2024-43189
was published
Nov 15, 2024
Ciphertext Malleability Issue in Tink Java
Moderate
CVE-2020-8929
was published
for
com.google.crypto.tink:tink
(Maven)
Oct 16, 2020
paillier-zk has ambiguous challenge derivation
Low
GHSA-fpr5-jp2j-4q2f
was published
for
paillier-zk
(Rust)
Nov 12, 2024
cggmp21 vulnerable to ambiguous challenge derivation
Low
GHSA-rm66-9gh4-4gp8
was published
for
cggmp21
(Rust)
Nov 12, 2024
cggmp21-keygen has ambiguous challenge derivation
Low
GHSA-7jjx-3qw9-j6h6
was published
for
cggmp21-keygen
(Rust)
Nov 12, 2024
This vulnerability exists in the Wave 2.0 due to weak encryption of sensitive data received at...
High
Unreviewed
CVE-2024-51556
was published
Nov 4, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. The password for the root user...
Moderate
Unreviewed
CVE-2020-11916
was published
Nov 7, 2024
YesWiki Uses a Broken or Risky Cryptographic Algorithm
High
CVE-2024-51478
was published
for
yeswiki/yeswiki
(Composer)
Oct 31, 2024
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware...
Moderate
Unreviewed
CVE-2023-5962
was published
Dec 23, 2023
Python-RSA decryption of ciphertext leads to DoS
High
CVE-2020-13757
was published
for
rsa
(pip)
Mar 24, 2021
A vulnerability was found in Topdata Inner Rep Plus WebServer 2.01. It has been rated as...
Moderate
Unreviewed
CVE-2024-10128
was published
Oct 18, 2024
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.24, contains a Use of a...
Moderate
Unreviewed
CVE-2024-48016
was published
Oct 18, 2024
Key confusion through non-blocklisted public key formats
High
CVE-2022-29217
was published
for
pyjwt
(pip)
May 24, 2022
The authentication cookies are generated using an algorithm based on the username, hardcoded...
High
Unreviewed
CVE-2023-49259
was published
Jan 12, 2024
Portainer improperly uses an encryption algorithm in the AesEncrypt function
High
CVE-2024-33662
was published
for
github.com/portainer/portainer
(Go)
Oct 2, 2024
Certain switch models from PLANET Technology only support obsolete algorithms for authentication...
High
Unreviewed
CVE-2024-8452
was published
Sep 30, 2024
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware...
Moderate
Unreviewed
CVE-2023-51392
was published
Feb 23, 2024
SAP PowerDesigner - version 16.7, queries all password hashes in the backend database and...
Moderate
Unreviewed
CVE-2023-37484
was published
Aug 8, 2023
ProTip!
Advisories are also available from the
GraphQL API