GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
20 advisories
When HAVE_ENCRYPT_THEN_MAC is configured, the implementation could fall back to MAC-then-Encrypt...
Low, Unreviewed
CVE-2026-6092 was published Jun 26, 2026

CoreWCF: WS-Security Reference DigestMethod Algorithm-Suite Bypass
Low
CVE-2026-54780 was published for CoreWCF.Primitives (NuGet) Jun 19, 2026

Symfony: Mailomat Mailer Webhook Parser Reads the HMAC Algorithm from the Request: Signature Algorithm Downgrade
Moderate
CVE-2026-48747 was published for symfony/mailomat-mailer (Composer) Jun 15, 2026

AWS Encryption SDK for Python: Key commitment policy bypass via shared key cache
Moderate
CVE-2026-6550 was published for aws-encryption-sdk (pip) Apr 24, 2026

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable ...
High, Unreviewed
CVE-2026-32650 was published Apr 17, 2026

Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key...
High, Unreviewed
CVE-2026-2673 was published Mar 13, 2026

When SmartStart Inclusion fails during the onboarding of a Z-Wave PIR sensor, the sensor will...
High, Unreviewed
CVE-2025-10693 was published Oct 31, 2025

psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse'...
Low, Unreviewed
CVE-2025-59270 was published Sep 16, 2025

Dell NetWorker, versions 19.12.0.1 and prior, contains a Selection of Less-Secure Algorithm...
Moderate, Unreviewed
CVE-2025-36582 was published Jul 1, 2025

SIMPLE.ERP client is vulnerable to MS SQL protocol downgrade request from a server side, what...
High, Unreviewed
CVE-2024-8773 was published Mar 24, 2025

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS...
Critical, Unreviewed
CVE-2025-24154 was published Jan 28, 2025

Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what...
Critical, Unreviewed
CVE-2024-4995 was published Dec 18, 2024

An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical, Unreviewed
CVE-2024-38883 was published Aug 2, 2024

In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a...
Moderate, Unreviewed
CVE-2024-20069 was published Jun 3, 2024

IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could...
High, Unreviewed
CVE-2022-33160 was published Oct 7, 2023

Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core...
Moderate, Unreviewed
CVE-2020-10135 was published May 24, 2022

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not...
Moderate, Unreviewed
CVE-2020-16200 was published May 24, 2022

Inadequate Encryption Strength and Algorithm Downgrade in Wildfly
Moderate, Unreviewed
CVE-2019-14887 was published Feb 15, 2022

Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL Strip Vulnerability in the...
Moderate, Unreviewed
CVE-2021-36326 was published Dec 1, 2021

postfix-mta-sts-resolver Algorithm Downgrade vulnerability
High
CVE-2019-16791 was published for postfix-mta-sts-resolver (pip) Jul 5, 2019