GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,952
Composer 4,274
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,237
npm 3,740
NuGet 668
pip 3,419
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

102 advisories

Filter by severity

Sort by

Least recently updated

Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream... High Unreviewed

CVE-2022-24404 was published Oct 19, 2023

All firmware versions of the NPort 5000 Series are affected by an improper validation of... High Unreviewed

CVE-2023-4929 was published Oct 3, 2023

A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could... Moderate Unreviewed

CVE-2023-20233 was published Sep 13, 2023

FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial... High Unreviewed

CVE-2023-38802 was published Aug 29, 2023

Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty... Moderate Unreviewed

CVE-2023-2975 was published Jul 14, 2023

DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access... Critical Unreviewed

CVE-2023-33668 was published Jul 12, 2023

Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated... High Unreviewed

CVE-2023-36537 was published Jul 11, 2023

Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... Moderate Unreviewed

CVE-2023-30673 was published Jul 6, 2023

OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees Moderate

CVE-2023-34459 was published for @openzeppelin/contracts (npm) Jun 19, 2023

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in... Moderate Unreviewed

CVE-2023-31437 was published Jun 13, 2023

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then... Moderate Unreviewed

CVE-2023-31438 was published Jun 13, 2023

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a... Moderate Unreviewed

CVE-2023-31439 was published Jun 13, 2023

Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private... Moderate Unreviewed

CVE-2023-33981 was published May 24, 2023

Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed

CVE-2023-28386 was published May 22, 2023

Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00... High Unreviewed

CVE-2023-30356 was published May 10, 2023

A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic.... Moderate Unreviewed

CVE-2016-15028 was published Mar 12, 2023

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a... High Unreviewed

CVE-2022-45142 was published Mar 7, 2023

An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can... Moderate Unreviewed

CVE-2022-45191 was published Feb 8, 2023

The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed

CVE-2023-23120 was published Feb 2, 2023

The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed

CVE-2023-23119 was published Feb 2, 2023

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2... Moderate Unreviewed

CVE-2022-46402 was published Dec 20, 2022

An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi... Moderate Unreviewed

CVE-2022-38956 was published Sep 21, 2022

An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi... High Unreviewed

CVE-2022-38955 was published Sep 21, 2022

FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux... High Unreviewed

CVE-2022-36174 was published Sep 13, 2022

Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074... High Unreviewed

CVE-2022-39845 was published Sep 10, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

102 advisories