Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,476
Erlang
33
GitHub Actions
24
Go
2,207
Maven
5,000+
npm
3,858
NuGet
696
pip
3,639
Pub
12
RubyGems
913
Rust
918
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

129 advisories

Loading
Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful... High Unreviewed
CVE-2023-52546 was published Apr 8, 2024
In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count... High Unreviewed
CVE-2024-37370 was published Jun 29, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-348: Use of Less Trusted Source... High Unreviewed
CVE-2024-27773 was published Mar 18, 2024
Insufficient verification of data authenticity in some Intel(R) DSA software before version 23.4... High Unreviewed
CVE-2024-39805 was published Feb 13, 2025
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This... High Unreviewed
CVE-2025-1108 was published Feb 7, 2025
There is a vulnerability in the BMC firmware image authentication design at Supermicro MBD... High Unreviewed
CVE-2024-10237 was published Feb 4, 2025
NETGEAR RAX30 lighttpd Misconfiguration Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-27360 was published May 3, 2024
The driver installation package created by Printer Driver Packager NX v1.0.02 to v1.1.25 fails to... High Unreviewed
CVE-2023-30759 was published Jun 19, 2023
Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege... High Unreviewed
CVE-2024-8356 was published Nov 23, 2024
VULNERABILITY DETAILS Rockwell Automation used the latest versions of the CVSS scoring system to... High Unreviewed
CVE-2024-7847 was published Oct 14, 2024
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity... High Unreviewed
CVE-2023-3663 was published Aug 3, 2023
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end... High Unreviewed
CVE-2024-3051 was published Apr 27, 2024
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper... High Unreviewed
CVE-2023-35906 was published Sep 5, 2023
An issue was discovered in Technitium through 11.0.3. It enables attackers to conduct a DNS cache... High Unreviewed
CVE-2023-28457 was published Sep 18, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84... High Unreviewed
CVE-2024-7980 was published Aug 21, 2024
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84... High Unreviewed
CVE-2024-7979 was published Aug 21, 2024
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to... High Unreviewed
CVE-2023-38831 was published Aug 23, 2023
Windows DNS Spoofing Vulnerability High Unreviewed
CVE-2024-37968 was published Aug 13, 2024
Windows Print Spooler Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38198 was published Aug 13, 2024
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a... High Unreviewed
CVE-2024-7256 was published Aug 1, 2024
Insufficient data validation in Updater in Google Chrome prior to 120.0.6099.62 allowed a remote... High Unreviewed
CVE-2024-3173 was published Jul 17, 2024
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to... High Unreviewed
CVE-2024-3049 was published Jun 6, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The... High Unreviewed
CVE-2022-32252 was published Jun 15, 2022
Invision Community through 4.7.16 allows remote code execution via the applications/core/modules... High Unreviewed
CVE-2024-30162 was published Jun 7, 2024
Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions... High Unreviewed
CVE-2024-33687 was published Jun 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database