GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,084
Erlang
29
GitHub Actions
19
Go
1,910
Maven
5,000+
npm
3,646
NuGet
638
pip
3,261
Pub
10
RubyGems
870
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
415 advisories
Filter by severity
Apache Answer: Avatar URL leaked user email addresses
Moderate
CVE-2024-40761
was published
for
github.com/apache/incubator-answer
(Go)
Sep 25, 2024
Apache Linkis Spark EngineConn: Commons Lang's RandomStringUtils Random string security vulnerability
High
CVE-2024-39928
was published
for
org.apache.linkis:linkis-engineplugin-spark
(Maven)
Sep 25, 2024
Insufficient or weak TLS protocol version identified in Advance authentication client server...
High
Unreviewed
CVE-2021-38121
was published
Aug 28, 2024
Inadequate encryption strength for some BMRA software before version 22.08 may allow an...
High
Unreviewed
CVE-2024-21787
was published
Aug 14, 2024
A vulnerability has been identified in Location Intelligence family (All versions < V4.4). The...
Moderate
Unreviewed
CVE-2024-41681
was published
Aug 13, 2024
Diffie-Hellman groups with insufficient strength are used in the SSL/TLS stack of B&R Automation...
High
Unreviewed
CVE-2024-5800
was published
Aug 12, 2024
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow...
High
Unreviewed
CVE-2024-42163
was published
Aug 12, 2024
Inadequate Encryption Strength vulnerability allow an authenticated attacker to execute arbitrary...
High
Unreviewed
CVE-2024-21881
was published
Aug 12, 2024
The encryption strength of the authorization keys in CHANGING Information Technology TCBServiSign...
Moderate
Unreviewed
CVE-2024-40719
was published
Aug 2, 2024
Under certain circumstances the communication between exacqVision Client and exacqVision Server...
Critical
Unreviewed
CVE-2024-32758
was published
Aug 2, 2024
An issue was discovered in Couchbase Server before 7.2.5 and 7.6.0 before 7.6.1. It does not...
Moderate
Unreviewed
CVE-2024-37034
was published
Jul 27, 2024
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC...
High
Unreviewed
CVE-2024-38867
was published
Jul 9, 2024
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This...
Low
Unreviewed
CVE-2024-30119
was published
Jun 15, 2024
ColdFusion versions 2023u7, 2021u13 and earlier are affected by a Weak Cryptography for Passwords...
Moderate
Unreviewed
CVE-2024-34113
was published
Jun 13, 2024
Weak encryption in Ninja Core
Moderate
CVE-2024-36823
was published
for
org.ninjaframework:ninja-core
(Maven)
Jun 7, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive...
Low
Unreviewed
CVE-2023-37397
was published
Apr 19, 2024
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information...
Moderate
Unreviewed
CVE-2022-40745
was published
Apr 19, 2024
When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0...
High
Unreviewed
CVE-2024-29969
was published
Apr 19, 2024
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not...
Moderate
Unreviewed
CVE-2024-29951
was published
Apr 17, 2024
The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa...
High
Unreviewed
CVE-2024-29950
was published
Apr 17, 2024
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an...
Moderate
Unreviewed
CVE-2024-3387
was published
Apr 10, 2024
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL context was reset with the...
Moderate
Unreviewed
CVE-2024-28755
was published
Apr 3, 2024
Cilium has insecure IPsec transport encryption
High
CVE-2024-28860
was published
for
github.com/cilium/cilium
(Go)
Mar 28, 2024
IBM Security Verify Directory 10.0.0 uses weaker than expected cryptographic algorithms that...
Moderate
Unreviewed
CVE-2022-32753
was published
Mar 22, 2024
This vulnerability exists in AppSamvid software due to the usage of a weaker cryptographic...
High
Unreviewed
CVE-2024-25102
was published
Mar 6, 2024
ProTip!
Advisories are also available from the
GraphQL API