Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,685
Maven
5,000+
npm
4,318
NuGet
760
pip
4,092
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

534 advisories

Loading
cggmp24 and cggmp21 are vulnerable to signature forgery through altered presignatures High
CVE-2025-66017 was published for cggmp21 (Rust) Nov 25, 2025
IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed
CVE-2025-36150 was published Nov 24, 2025
IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtain sensitive information,... Moderate Unreviewed
CVE-2025-36161 was published Nov 20, 2025
The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files... High Unreviewed
CVE-2025-9317 was published Nov 15, 2025
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11... Moderate Unreviewed
CVE-2025-54340 was published Nov 14, 2025
Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0.0 through 9.12.0.0,... Moderate Unreviewed
CVE-2025-43723 was published Nov 10, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm... High Unreviewed
CVE-2025-34519 was published Oct 16, 2025
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Low Unreviewed
CVE-2025-11650 was published Oct 13, 2025
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows... High Unreviewed
CVE-2025-21062 was published Oct 10, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43913 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Low Unreviewed
CVE-2025-43909 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43891 was published Oct 7, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments)... High Unreviewed
CVE-2025-34208 was published Oct 2, 2025
Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt... Moderate Unreviewed
CVE-2025-59745 was published Oct 2, 2025
Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with Secure Boot... High Unreviewed
CVE-2025-59408 was published Sep 25, 2025
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of... High Unreviewed
CVE-2025-59484 was published Sep 24, 2025
A vulnerability in the cryptographic logic used by HPE Aruba Networking EdgeConnect SD-WAN... High Unreviewed
CVE-2025-37127 was published Sep 17, 2025
IBM Security Verify Information Queue 10.0.5, 10.0.6, 10.0.7, and 10.0.8 uses weaker than... Moderate Unreviewed
CVE-2024-45671 was published Sep 10, 2025
A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This... Low Unreviewed
CVE-2025-9383 was published Aug 24, 2025
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function... High Unreviewed
CVE-2025-9146 was published Aug 19, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Moderate Unreviewed
CVE-2024-41986 was published Aug 12, 2025
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
poco v1.14.1-release was discovered to contain weak encryption. High Unreviewed
CVE-2025-45766 was published Aug 6, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... High Unreviewed
CVE-2025-51726 was published Aug 4, 2025
jose v6.0.10 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45767 was published Aug 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database