GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,599
Composer 4,464
Erlang 33
GitHub Actions 22
Go 2,163
Maven 5,348
npm 3,821
NuGet 696
pip 3,502
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,606

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

283 advisories

Filter by severity

Sort by

Least recently updated

The recovery module has a vulnerability of bypassing the verification of an update package before... High Unreviewed

CVE-2022-37008 was published Aug 11, 2022

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the... Critical Unreviewed

CVE-2022-29958 was published Jul 27, 2022

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom... High Unreviewed

CVE-2022-30269 was published Jul 27, 2022

The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the... High Unreviewed

CVE-2022-30272 was published Jul 27, 2022

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause... High Unreviewed

CVE-2022-34763 was published Jul 14, 2022

Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated... Moderate Unreviewed

CVE-2022-31598 was published Jul 13, 2022

It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML... High Unreviewed

CVE-2015-5236 was published Jul 8, 2022

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the... High Unreviewed

CVE-2022-20829 was published Jun 25, 2022

An unauthenticated, remote attacker could upload malicious logic to devices based on ProConOS... Critical Unreviewed

CVE-2022-31800 was published Jun 22, 2022

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS... Critical Unreviewed

CVE-2022-31801 was published Jun 22, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The... High Unreviewed

CVE-2022-32252 was published Jun 15, 2022

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server... Critical Unreviewed

CVE-2022-31813 was published Jun 10, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity... Moderate Unreviewed

CVE-2022-28385 was published Jun 9, 2022

Lack of root file system integrity checking in Fortinet FortiOS VM application images all... Moderate Unreviewed

CVE-2019-5587 was published May 24, 2022

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently... High Unreviewed

CVE-2021-26315 was published May 24, 2022

The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if... Critical Unreviewed

CVE-2021-43616 was published May 24, 2022

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted... Moderate Unreviewed

CVE-2020-23906 was published May 24, 2022

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability.... Moderate Unreviewed

CVE-2021-22460 was published May 24, 2022

The move_uploaded_file function in godomall5 does not perform an integrity check of extension or... High Unreviewed

CVE-2021-26610 was published May 24, 2022

The programmer installation utility does not perform a cryptographic authenticity or integrity... Moderate Unreviewed

CVE-2021-38396 was published May 24, 2022

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using... Moderate Unreviewed

CVE-2021-22947 was published May 24, 2022

Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode... Moderate Unreviewed

CVE-2021-34572 was published May 24, 2022

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft... Critical Unreviewed

CVE-2021-26608 was published May 24, 2022

A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows... High Unreviewed

CVE-2020-19769 was published May 24, 2022

A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows... High Unreviewed

CVE-2020-19768 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

283 advisories