GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
82 advisories
Filter by severity
An issue was discovered in Listary through 6. Improper implementation of the update process leads...
High
Unreviewed
CVE-2021-41067
was published
Dec 15, 2021
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP...
Moderate
Unreviewed
CVE-2021-3772
was published
Mar 4, 2022
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the...
Moderate
Unreviewed
CVE-2021-4148
was published
Mar 24, 2022
The DFX module has a vulnerability of improper validation of integrity check values.Successful...
High
Unreviewed
CVE-2022-22253
was published
Apr 12, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by...
High
Unreviewed
CVE-2020-14120
was published
Apr 22, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed...
High
Unreviewed
CVE-2022-22781
was published
Apr 29, 2022
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF,...
Moderate
Unreviewed
CVE-2022-25946
was published
May 6, 2022
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration...
Critical
Unreviewed
CVE-2022-29898
was published
May 12, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third...
High
Unreviewed
CVE-2018-6336
was published
May 13, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for...
Critical
Unreviewed
CVE-2017-15994
was published
May 13, 2022
The Lenovo Service Framework Android application uses a set of nonsecure credentials when...
High
Unreviewed
CVE-2017-3760
was published
May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3...
High
Unreviewed
CVE-2017-4961
was published
May 13, 2022
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity...
Moderate
Unreviewed
CVE-2017-9498
was published
May 13, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange...
Low
Unreviewed
CVE-2019-10155
was published
May 24, 2022
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ...
Moderate
Unreviewed
CVE-2019-1163
was published
May 24, 2022
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving...
High
Unreviewed
CVE-2019-11753
was published
May 24, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a...
High
Unreviewed
CVE-2019-13496
was published
May 24, 2022
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before...
High
Unreviewed
CVE-2019-18672
was published
May 24, 2022
There is an improper integrity checking vulnerability on some huawei products. The software of...
Low
Unreviewed
CVE-2020-1879
was published
May 24, 2022
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows...
Moderate
Unreviewed
CVE-2020-8838
was published
May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host...
Moderate
Unreviewed
CVE-2020-5964
was published
May 24, 2022
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash....
High
Unreviewed
CVE-2020-25862
was published
May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019...
High
Unreviewed
CVE-2020-28656
was published
May 24, 2022
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions...
Moderate
Unreviewed
CVE-2020-5637
was published
May 24, 2022
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration...
High
Unreviewed
CVE-2020-25758
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API