GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,971

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

193 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insufficient encryption strength in Sprecher Automation SPRECON-E-C, SPRECON-E-P, and SPRECON-E... Moderate Unreviewed

CVE-2025-41743 was published Dec 2, 2025

With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS ... Moderate Unreviewed

CVE-2025-11935 was published Nov 22, 2025

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0... Moderate Unreviewed

CVE-2025-12439 was published Nov 10, 2025

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and... Moderate Unreviewed

CVE-2025-36106 was published Jul 21, 2025

A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected... Moderate Unreviewed

CVE-2025-7789 was published Jul 18, 2025

Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-48823 was published Jul 8, 2025

Weak server key used for TLS encryption. The following products are affected: Acronis Cyber... Moderate Unreviewed

CVE-2025-48960 was published Jun 4, 2025

An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded... Moderate Unreviewed

CVE-2025-43925 was published Jun 3, 2025

IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6... Moderate Unreviewed

CVE-2024-38341 was published May 28, 2025

A vulnerability classified as problematic was found in calmkart Django-sso-server up to... Moderate Unreviewed

CVE-2025-4894 was published May 18, 2025

Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on... Moderate Unreviewed

CVE-2025-27524 was published May 15, 2025

Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Moderate Unreviewed

CVE-2025-22446 was published May 13, 2025

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote... Moderate Unreviewed

CVE-2024-10026 was published Jan 30, 2025

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more... Moderate Unreviewed

CVE-2024-13454 was published Jan 20, 2025

A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify®... Moderate Unreviewed

CVE-2024-13026 was published Jan 17, 2025

An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed

CVE-2024-45259 was published Oct 24, 2024

A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The... Moderate Unreviewed

CVE-2024-41681 was published Aug 13, 2024

The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign... Moderate Unreviewed

CVE-2024-40719 was published Aug 2, 2024

An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not... Moderate Unreviewed

CVE-2024-37034 was published Jul 27, 2024

ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords... Moderate Unreviewed

CVE-2024-34113 was published Jun 13, 2024

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information... Moderate Unreviewed

CVE-2022-40745 was published Apr 19, 2024

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not... Moderate Unreviewed

CVE-2024-29951 was published Apr 17, 2024

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an... Moderate Unreviewed

CVE-2024-3387 was published Apr 10, 2024

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the... Moderate Unreviewed

CVE-2024-28755 was published Apr 3, 2024

IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed

CVE-2022-32753 was published Mar 22, 2024

Previous1…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

193 advisories