GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,972
Composer 4,285
Erlang 31
GitHub Actions 21
Go 2,056
Maven 5,238
npm 3,741
NuGet 668
pip 3,422
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,198

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

85 advisories

Filter by severity

Sort by

Least recently updated

This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004... Moderate Unreviewed

CVE-2021-1883 was published May 24, 2022

When curl is instructed to download content using the metalink feature, thecontents is verified... High Unreviewed

CVE-2021-22922 was published May 24, 2022

There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed

CVE-2021-22442 was published May 24, 2022

IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed

CVE-2020-4610 was published May 24, 2022

Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed

CVE-2021-25388 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed

CVE-2021-31913 was published May 24, 2022

An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi... Moderate Unreviewed

CVE-2020-26141 was published May 24, 2022

Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could... Moderate Unreviewed

CVE-2020-14009 was published May 24, 2022

Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed

CVE-2021-20709 was published May 24, 2022

There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does... Moderate Unreviewed

CVE-2020-9118 was published May 24, 2022

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed

CVE-2020-25758 was published May 24, 2022

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions... Moderate Unreviewed

CVE-2020-5637 was published May 24, 2022

The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed

CVE-2020-28656 was published May 24, 2022

In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed

CVE-2020-25862 was published May 24, 2022

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host... Moderate Unreviewed

CVE-2020-5964 was published May 24, 2022

An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows... Moderate Unreviewed

CVE-2020-8838 was published May 24, 2022

There is an improper integrity checking vulnerability on some huawei products. The software of... Low Unreviewed

CVE-2020-1879 was published May 24, 2022

Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before... High Unreviewed

CVE-2019-18672 was published May 24, 2022

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed

CVE-2019-13496 was published May 24, 2022

The Firefox installer allows Firefox to be installed to a custom user writable location, leaving... High Unreviewed

CVE-2019-11753 was published May 24, 2022

A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ... Moderate Unreviewed

CVE-2019-1163 was published May 24, 2022

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange... Low Unreviewed

CVE-2019-10155 was published May 24, 2022

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity... Moderate Unreviewed

CVE-2017-9498 was published May 13, 2022

An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed

CVE-2017-4961 was published May 13, 2022

The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed

CVE-2017-3760 was published May 13, 2022

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

85 advisories