GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
102 advisories
Filter by severity
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware...
Critical
Unreviewed
CVE-2023-28386
was published
May 22, 2023
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin
High
CVE-2024-52550
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
Nov 13, 2024
github.com/containers/image allows unexpected authenticated registry accesses
High
CVE-2024-3727
was published
for
github.com/containers/image
(Go)
May 14, 2024
An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute...
High
Unreviewed
CVE-2024-51141
was published
Nov 15, 2024
tlslite-ng off-by-one error on mac checking
High
CVE-2018-1000159
was published
for
tlslite-ng
(pip)
Jul 12, 2018
Incomplete validation of shapes in multiple TF ops
High
CVE-2021-41206
was published
for
tensorflow
(pip)
Nov 10, 2021
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16...
Moderate
Unreviewed
CVE-2024-49406
was published
Nov 6, 2024
OpenStack Ironic fails to verify checksums of supplied image_source URLs
Moderate
CVE-2024-47211
was published
for
ironic
(pip)
Oct 4, 2024
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)...
Critical
Unreviewed
CVE-2022-31266
was published
Jun 30, 2022
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It...
Moderate
Unreviewed
CVE-2024-31958
was published
Jun 7, 2024
In the Linux kernel, the following vulnerability has been resolved:
nfsd: map the EBADMSG to...
Moderate
Unreviewed
CVE-2024-49875
was published
Oct 21, 2024
secp256k1-node allows private key extraction over ECDH
High
CVE-2024-48930
was published
for
secp256k1
(npm)
Oct 21, 2024
Issue summary: The AES-SIV cipher implementation contains a bug that causes
it to ignore empty...
Moderate
Unreviewed
CVE-2023-2975
was published
Jul 14, 2023
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the...
High
Unreviewed
CVE-2024-47089
was published
Sep 19, 2024
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated...
High
Unreviewed
CVE-2023-36537
was published
Jul 11, 2023
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ...
Moderate
Unreviewed
CVE-2024-45789
was published
Sep 11, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during...
Moderate
Unreviewed
CVE-2023-24063
was published
Aug 8, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0...
High
Unreviewed
CVE-2023-33206
was published
Aug 8, 2024
Apache MINA SSHD: integrity check bypass
High
CVE-2024-41909
was published
for
org.apache.sshd:sshd-common
(Maven)
Aug 12, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Moderate
Unreviewed
CVE-2024-23461
was published
May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Moderate
Unreviewed
CVE-2023-41970
was published
May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Low
Unreviewed
CVE-2024-23462
was published
May 2, 2024
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
Moderate
CVE-2023-48795
was published
for
golang.org/x/crypto
(Go)
Dec 18, 2023
PHPECC vulnerable to multiple cryptographic side-channel attacks
Critical
GHSA-346h-749j-r28w
was published
for
mdanter/ecc
(Composer)
Apr 25, 2024
Moodle Grade information disclosure in grade's external fetch functions
Moderate
CVE-2021-20184
was published
for
moodle/moodle
(Composer)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API