Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

283 advisories

Loading
Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices... Moderate Unreviewed
CVE-2025-27257 was published Mar 10, 2025
Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an... Moderate Unreviewed
CVE-2025-0149 was published Mar 11, 2025
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source... High Unreviewed
CVE-2024-27773 was published Mar 18, 2024
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442... Critical Unreviewed
CVE-2025-27680 was published Mar 5, 2025
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation... Critical Unreviewed
CVE-2023-4699 was published Nov 6, 2023
Client use of server error message in PostgreSQL allows a server not trusted under current SSL or... Low Unreviewed
CVE-2024-10977 was published Nov 14, 2024
Insufficient verification of data authenticity in some Intel(R) DSA software before version 23.4... High Unreviewed
CVE-2024-39805 was published Feb 13, 2025
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This... High Unreviewed
CVE-2025-1108 was published Feb 7, 2025
Thunderbird displayed an incorrect sender address if the From field of an email used the invalid... Moderate Unreviewed
CVE-2025-0510 was published Feb 4, 2025
An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access... Low Unreviewed
CVE-2025-23415 was published Feb 5, 2025
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD... High Unreviewed
CVE-2024-10237 was published Feb 4, 2025
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated... Critical Unreviewed
CVE-2022-26871 was published Mar 30, 2022
Mail spoofing Moderate Unreviewed
CVE-2024-55929 was published Jan 23, 2025
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-27360 was published May 3, 2024
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed
CVE-2023-30759 was published Jun 19, 2023
Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-54111 was published Dec 12, 2024
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware... Critical Unreviewed
CVE-2023-28386 was published May 22, 2023
An attacker who can execute arbitrary Operating Systems commands, can bypass code signing... Moderate Unreviewed
CVE-2024-52548 was published Dec 3, 2024
IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a... Moderate Unreviewed
CVE-2022-33861 was published Nov 25, 2024
Affected devices beacon to eCharge cloud infrastructure asking if there are any command they... Critical Unreviewed
CVE-2024-11666 was published Nov 25, 2024
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege... High Unreviewed
CVE-2024-8356 was published Nov 23, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges... Moderate Unreviewed
CVE-2024-47255 was published Nov 5, 2024
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data... Moderate Unreviewed
CVE-2024-47254 was published Nov 5, 2024
Insufficient verification of data authenticity in the configuration state machine may allow a... Low Unreviewed
CVE-2023-20570 was published Feb 13, 2024
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to... High Unreviewed
CVE-2024-7847 was published Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database