Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

41 advisories

Loading
ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache Critical
CVE-2024-31989 was published for github.com/argoproj/argo-cd (Go) May 21, 2024
oreenlivnicode leoluz
crenshaw-dev mkilchhofer todaywasawesome pasha-codefresh
DeviceFarmer stf uses DES-ECB Critical
CVE-2023-51839 was published for @devicefarmer/stf (npm) Jan 29, 2024
bsock uses weak hashing algorithms Critical
CVE-2023-50475 was published for bsock (npm) Dec 21, 2023
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard Critical
CVE-2023-46233 was published for crypto-js (npm) Oct 25, 2023
Zemnmez nzgeek
crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard Critical
CVE-2023-46133 was published for crypto-es (npm) Oct 25, 2023
Zemnmez
Collision of hash values in github.com/bnb-chain/tss-lib Critical
CVE-2022-47931 was published for github.com/bnb-chain/tss-lib (Go) Dec 23, 2022
Rocket-Chip commit 4f8114374d8824dfdec03f576a8cd68bebce4e56 was discovered to contain... Critical Unreviewed
CVE-2022-34632 was published Jul 19, 2022
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.... Critical Unreviewed
CVE-2021-31556 was published May 24, 2022
Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and... Critical Unreviewed
CVE-2020-36363 was published May 24, 2022
An exploitable information disclosure vulnerability exists in the Weave PASE pairing... Critical Unreviewed
CVE-2019-5035 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API