Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
48
Go
3,399
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,618
Pub
13
RubyGems
1,026
Rust
1,205
Swift
52
Unreviewed advisories
All unreviewed
5,000+

483 advisories

Loading
The hard drives of the device are not encrypted using a full volume encryption feature such as... High Unreviewed
CVE-2025-27460 was published Jul 3, 2025
Weak server key used for TLS encryption. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2025-48960 was published Jun 4, 2025
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded... Moderate Unreviewed
CVE-2025-43925 was published Jun 3, 2025
IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6... Moderate Unreviewed
CVE-2024-38341 was published May 28, 2025
A vulnerability classified as problematic was found in calmkart Django-sso-server up to... Moderate Unreviewed
CVE-2025-4894 was published May 18, 2025
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on... Moderate Unreviewed
CVE-2025-27524 was published May 15, 2025
Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Moderate Unreviewed
CVE-2025-22446 was published May 13, 2025
In Modem, there is a possible information disclosure due to incorrect error handling. This could... High Unreviewed
CVE-2025-20667 was published May 5, 2025
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management... High Unreviewed
CVE-2025-46626 was published May 2, 2025
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities.... Low Unreviewed
CVE-2024-42177 was published Apr 17, 2025
The use of a weak cryptographic key pair in the signature verification process in WPS Office ... Critical Unreviewed
CVE-2025-2516 was published Mar 27, 2025
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as... Low Unreviewed
CVE-2025-2349 was published Mar 17, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... High Unreviewed
CVE-2024-54089 was published Feb 11, 2025
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote... Moderate Unreviewed
CVE-2024-10026 was published Jan 30, 2025
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more... Moderate Unreviewed
CVE-2024-13454 was published Jan 20, 2025
A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify®... Moderate Unreviewed
CVE-2024-13026 was published Jan 17, 2025
magic-crypt uses insecure cryptographic algorithms Low
GHSA-gmx7-gr5q-85w5 was published for magic-crypt (Rust) Dec 30, 2024
Apache Answer: Predictable Authorization Token Using UUIDv1 Low
CVE-2024-45719 was published for github.com/apache/incubator-answer (Go) Nov 22, 2024
Apache Tomcat - XSS in generated JSPs Moderate
CVE-2024-52318 was published for org.apache.tomcat:tomcat-jasper (Maven) Nov 18, 2024
Apache Tomcat Request and/or response mix-up Moderate
CVE-2024-52317 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 18, 2024
Snowflake JDBC Security Advisory Moderate
CVE-2024-43382 was published for net.snowflake:snowflake-jdbc (Maven) Oct 30, 2024
Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows... High Unreviewed
CVE-2024-50550 was published Oct 29, 2024
An issue was discovered on certain GL-iNet devices, including MT6000, MT3000, MT2500, AXT1800,... Moderate Unreviewed
CVE-2024-45259 was published Oct 24, 2024
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows... Low Unreviewed
CVE-2023-6728 was published Oct 17, 2024
An unauthenticated local attacker can decrypt the devices config file and therefore compromise... High Unreviewed
CVE-2024-45273 was published Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database