GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,227
Composer 3,941
Erlang 29
GitHub Actions 16
Go 1,722
Maven 4,952
npm 3,481
NuGet 605
pip 3,049
Pub 10
RubyGems 832
Rust 778
Swift 34

Unreviewed advisories

All unreviewed 219,225

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Filter by severity

Sort by

Least recently updated

An attacker with access to the private network (the charger is connected to) or local access to... Moderate Unreviewed

CVE-2024-5684 was published Jun 6, 2024

A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to... High Unreviewed

CVE-2024-3049 was published Jun 6, 2024

Insufficient Verification of Data Authenticity vulnerability in Cozmoslabs Profile Builder allows... Moderate Unreviewed

CVE-2024-31341 was published May 17, 2024

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for... Moderate Unreviewed

CVE-2024-27244 was published May 15, 2024

ThroughTek Kalay SDK does not verify the authenticity of received messages, allowing an attacker... Moderate Unreviewed

CVE-2023-6323 was published May 15, 2024

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL... Moderate Unreviewed

CVE-2023-45586 was published May 14, 2024

A vulnerability has been identified in SIMATIC RTLS Locating Manager (6GT2780-0DA00) (All... Moderate Unreviewed

CVE-2024-33494 was published May 14, 2024

NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed

CVE-2023-27360 was published May 3, 2024

AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity. Critical Unreviewed

CVE-2023-28863 was published Apr 18, 2023

Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed

CVE-2024-3051 was published Apr 27, 2024

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a... High Unreviewed

CVE-2021-36367 was published May 24, 2022

PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to... Moderate Unreviewed

CVE-2022-26579 was published Dec 17, 2022

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using... Moderate Unreviewed

CVE-2021-22947 was published May 24, 2022

A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version... Moderate Unreviewed

CVE-2023-42782 was published Oct 10, 2023

An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on... High Unreviewed

CVE-2023-5450 was published Oct 10, 2023

An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,... Moderate Unreviewed

CVE-2023-3920 was published Sep 29, 2023

In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the... High Unreviewed

CVE-2023-43636 was published Sep 20, 2023

Insufficient verification of data authenticity vulnerability in Delinea Secret Server, in its v10... High Unreviewed

CVE-2023-4589 was published Sep 6, 2023

IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed

CVE-2023-35906 was published Sep 5, 2023

An issue was discovered on AudioCodes VoIP desk phones through 3.4.4.1000. The validation of... High Unreviewed

CVE-2023-22955 was published Aug 11, 2023

Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5... High Unreviewed

CVE-2023-36541 was published Aug 8, 2023

In PHPJabbers Cleaning Business Software 1.0, lack of verification when changing an email address... Critical Unreviewed

CVE-2023-36139 was published Aug 4, 2023

In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address... Critical Unreviewed

CVE-2023-36134 was published Aug 4, 2023

A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation. Moderate Unreviewed

CVE-2023-3749 was published Aug 3, 2023

In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed

CVE-2023-3663 was published Aug 3, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241 advisories