Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

176 advisories

Loading
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... High Unreviewed
CVE-2025-66597 was published Feb 9, 2026
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This... High Unreviewed
CVE-2025-66598 was published Feb 9, 2026
Use of a Broken or Risky Cryptographic Algorithm (DES) vulnerability in the Password class in... High Unreviewed
CVE-2025-58743 was published Jan 21, 2026
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in the TLS/SSL server of Juniper... High Unreviewed
CVE-2026-21907 was published Jan 15, 2026
The application uses an insecure hashing algorithm (MD5) to hash passwords. If an attacker... High Unreviewed
CVE-2025-65831 was published Dec 10, 2025
The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files... High Unreviewed
CVE-2025-9317 was published Nov 15, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an insecure hashing algorithm... High Unreviewed
CVE-2025-34519 was published Oct 16, 2025
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.67.2 allows... High Unreviewed
CVE-2025-21062 was published Oct 10, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments)... High Unreviewed
CVE-2025-34208 was published Oct 2, 2025
Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with Secure Boot... High Unreviewed
CVE-2025-59408 was published Sep 25, 2025
The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of... High Unreviewed
CVE-2025-59484 was published Sep 24, 2025
A vulnerability in the cryptographic logic used by HPE Aruba Networking EdgeConnect SD-WAN... High Unreviewed
CVE-2025-37127 was published Sep 17, 2025
A flaw has been found in Linksys E5600 1.1.0.26. The affected element is the function... High Unreviewed
CVE-2025-9146 was published Aug 19, 2025
jsrsasign v11.1.0 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45764 was published Aug 6, 2025
poco v1.14.1-release was discovered to contain weak encryption. High Unreviewed
CVE-2025-45766 was published Aug 6, 2025
CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cryptographic hash algorithm... High Unreviewed
CVE-2025-51726 was published Aug 4, 2025
jose v6.0.10 was discovered to contain weak encryption. High Unreviewed
CVE-2025-45767 was published Aug 1, 2025
A vulnerability has been identified in SIRIUS 3RK3 Modular Safety System (MSS) (All versions),... High Unreviewed
CVE-2025-24007 was published May 13, 2025
The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing... High Unreviewed
CVE-2025-2539 was published Mar 20, 2025
Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. High Unreviewed
CVE-2024-4282 was published Feb 15, 2025
An issue was discovered in AudioCodes Mediant Session Border Controller (SBC) before 7.40A.501... High Unreviewed
CVE-2024-52884 was published Feb 7, 2025
An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router SAM-4G1G-TT-W-VC, SAM-4F1F-TT-W... High Unreviewed
CVE-2025-22936 was published Feb 6, 2025
Brocade SANnav before Brocade SANnav 2.2.2 supports key exchange algorithms, which are considered... High Unreviewed
CVE-2022-43934 was published Feb 4, 2025
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware... High Unreviewed
CVE-2024-52331 was published Jan 23, 2025
A “Use of a Broken or Risky Cryptographic Algorithm” vulnerability in the SSL/TLS component used... High Unreviewed
CVE-2024-8603 was published Jan 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database