Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,471
Maven
5,000+
npm
4,091
NuGet
734
pip
3,907
Pub
12
RubyGems
944
Rust
1,011
Swift
39
Unreviewed advisories
All unreviewed
5,000+

461 advisories

Loading
Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and earlier (Media version:16.0... High Unreviewed
CVE-2025-46409 was published Aug 28, 2025
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective... Critical Unreviewed
CVE-2025-45765 was published Aug 7, 2025
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
jwt v5.4.3 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45770 was published Jul 31, 2025
php-jwt v6.11.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45769 was published Jul 31, 2025
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and... Moderate Unreviewed
CVE-2025-36106 was published Jul 21, 2025
A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected... Moderate Unreviewed
CVE-2025-7789 was published Jul 18, 2025
Brocade ASCG before 3.3.0 allows for the use of medium strength cryptography algorithms on... High Unreviewed
CVE-2025-7398 was published Jul 18, 2025
Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-48823 was published Jul 8, 2025
Weak server key used for TLS encryption. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2025-48960 was published Jun 4, 2025
An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded... Moderate Unreviewed
CVE-2025-43925 was published Jun 3, 2025
IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6... Moderate Unreviewed
CVE-2024-38341 was published May 28, 2025
A vulnerability classified as problematic was found in calmkart Django-sso-server up to... Moderate Unreviewed
CVE-2025-4894 was published May 18, 2025
Weak encryption vulnerability in Hitachi JP1/IT Desktop Management 2 - Smart Device Manager on... Moderate Unreviewed
CVE-2025-27524 was published May 15, 2025
Inadequate encryption strength for some Edge Orchestrator software for Intel(R) Tiber™ Edge... Moderate Unreviewed
CVE-2025-22446 was published May 13, 2025
In Modem, there is a possible information disclosure due to incorrect error handling. This could... High Unreviewed
CVE-2025-20667 was published May 5, 2025
Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management... High Unreviewed
CVE-2025-46626 was published May 2, 2025
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities.... Low Unreviewed
CVE-2024-42177 was published Apr 17, 2025
The use of a weak cryptographic key pair in the signature verification process in WPS Office ... Critical Unreviewed
CVE-2025-2516 was published Mar 27, 2025
A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been declared as... Low Unreviewed
CVE-2025-2349 was published Mar 17, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... High Unreviewed
CVE-2024-54089 was published Feb 11, 2025
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote... Moderate Unreviewed
CVE-2024-10026 was published Jan 30, 2025
Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more... Moderate Unreviewed
CVE-2024-13454 was published Jan 20, 2025
A vulnerability exists in Algo Edge up to 2.1.1 - a previously used (legacy) component of navify®... Moderate Unreviewed
CVE-2024-13026 was published Jan 17, 2025
magic-crypt uses insecure cryptographic algorithms Low
GHSA-gmx7-gr5q-85w5 was published for magic-crypt (Rust) Dec 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database