GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,870
Composer 4,263
Erlang 31
GitHub Actions 21
Go 2,033
Maven 5,218
npm 3,732
NuGet 662
pip 3,411
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,468

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Listary through 6. Improper implementation of the update process leads... High Unreviewed

CVE-2021-41067 was published Dec 15, 2021

The DFX module has a vulnerability of improper validation of integrity check values.Successful... High Unreviewed

CVE-2022-22253 was published Apr 12, 2022

Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by... High Unreviewed

CVE-2020-14120 was published Apr 22, 2022

The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed... High Unreviewed

CVE-2022-22781 was published Apr 29, 2022

An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed

CVE-2018-6336 was published May 13, 2022

The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed

CVE-2017-3760 was published May 13, 2022

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed

CVE-2017-4961 was published May 13, 2022

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving... High Unreviewed

CVE-2019-11753 was published May 24, 2022

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed

CVE-2019-13496 was published May 24, 2022

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before... High Unreviewed

CVE-2019-18672 was published May 24, 2022

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed

CVE-2020-25862 was published May 24, 2022

The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed

CVE-2020-28656 was published May 24, 2022

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed

CVE-2020-25758 was published May 24, 2022

Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed

CVE-2021-20709 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed

CVE-2021-31913 was published May 24, 2022

Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed

CVE-2021-25388 was published May 24, 2022

IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed

CVE-2020-4610 was published May 24, 2022

There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed

CVE-2021-22442 was published May 24, 2022

When curl is instructed to download content using the metalink feature, thecontents is verified... High Unreviewed

CVE-2021-22922 was published May 24, 2022

In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead... High Unreviewed

CVE-2022-21757 was published Jun 7, 2022

A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C... High Unreviewed

CVE-2021-37182 was published Jun 15, 2022

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full... High Unreviewed

CVE-2022-29549 was published Aug 19, 2022

Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... High Unreviewed

CVE-2022-39844 was published Sep 10, 2022

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074... High Unreviewed

CVE-2022-39845 was published Sep 10, 2022

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux... High Unreviewed

CVE-2022-36174 was published Sep 13, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

36 advisories