Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,744
Maven
5,000+
npm
4,341
NuGet
765
pip
4,113
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

253 advisories

Loading
Altcha Proof-of-Work obfuscation mode cryptanalytic break Moderate
CVE-2025-65849 was published for altcha (npm) Dec 8, 2025
eternal-flame-AD
Credited to eternal-flame-AD
IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed
CVE-2025-36150 was published Nov 24, 2025
IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtain sensitive information,... Moderate Unreviewed
CVE-2025-36161 was published Nov 20, 2025
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11... Moderate Unreviewed
CVE-2025-54340 was published Nov 14, 2025
Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0,... Moderate Unreviewed
CVE-2025-43723 was published Nov 10, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43913 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43891 was published Oct 7, 2025
Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt... Moderate Unreviewed
CVE-2025-59745 was published Oct 2, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than... Moderate Unreviewed
CVE-2024-45671 was published Sep 10, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Moderate Unreviewed
CVE-2024-41986 was published Aug 12, 2025
Dell PowerScale OneFS, versions prior to 9.11.0.0, contains a use of a broken or risky... Moderate Unreviewed
CVE-2025-30477 was published Jul 21, 2025
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of... Moderate Unreviewed
CVE-2024-49784 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2025-41223 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2023-52236 was published Jul 8, 2025
The VNC authentication mechanism bases on a challenge-response system where both server and... Moderate Unreviewed
CVE-2025-27458 was published Jul 3, 2025
During the initial setup of the device the user connects to an access point broadcast by the... Moderate Unreviewed
CVE-2025-6521 was published Jun 27, 2025
A service supports the use of a deprecated and unsafe TLS version. This could be exploited to... Moderate Unreviewed
CVE-2025-49196 was published Jun 12, 2025
Missing Cryptographic Step vulnerability in Tridium Niagara Framework on Windows, Linux, QNX,... Moderate Unreviewed
CVE-2025-3938 was published May 22, 2025
IBM Concert Software 1.0.0 through 1.0.5 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2024-55912 was published May 2, 2025
HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit... Moderate Unreviewed
CVE-2024-30152 was published Apr 25, 2025
An Improper Authorization vulnerability was identified in the EOL OVA based connect component... Moderate Unreviewed
CVE-2025-3838 was published Apr 21, 2025
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.12 uses weaker than expected... Moderate Unreviewed
CVE-2024-22314 was published Apr 16, 2025
IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that... Moderate Unreviewed
CVE-2022-43851 was published Apr 14, 2025
IBM SPSS Statistics 26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than expected cryptographic... Moderate Unreviewed
CVE-2024-31896 was published Mar 25, 2025
Use of a Broken or Risky Cryptographic Algorithm, Use of Password Hash With Insufficient... Moderate Unreviewed
CVE-2025-26486 was published Mar 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database