Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,507
NuGet
609
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

87 advisories

A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic.... Moderate Unreviewed
CVE-2016-15028 was published Mar 12, 2023
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a... High Unreviewed
CVE-2022-45142 was published Mar 7, 2023
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can... Moderate Unreviewed
CVE-2022-45191 was published Feb 8, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed
CVE-2023-23119 was published Feb 2, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed
CVE-2023-23120 was published Feb 2, 2023
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2... Moderate Unreviewed
CVE-2022-46402 was published Dec 20, 2022
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi... Moderate Unreviewed
CVE-2022-38956 was published Sep 21, 2022
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi... High Unreviewed
CVE-2022-38955 was published Sep 21, 2022
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux... High Unreviewed
CVE-2022-36174 was published Sep 13, 2022
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... High Unreviewed
CVE-2022-39844 was published Sep 10, 2022
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074... High Unreviewed
CVE-2022-39845 was published Sep 10, 2022
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full... High Unreviewed
CVE-2022-29549 was published Aug 19, 2022
OpenZeppelin Contracts vulnerable to ECDSA signature malleability High
CVE-2022-35961 was published for @openzeppelin/contracts (npm) Aug 18, 2022
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity.... Moderate Unreviewed
CVE-2022-30316 was published Jul 29, 2022
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for... Moderate Unreviewed
CVE-2022-33711 was published Jul 13, 2022
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)... Critical Unreviewed
CVE-2022-31266 was published Jun 30, 2022
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C... High Unreviewed
CVE-2021-37182 was published Jun 15, 2022
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead... High Unreviewed
CVE-2022-21757 was published Jun 7, 2022
Improper Validation of Integrity Check Value in go-tuf High
CVE-2022-29173 was published for github.com/theupdateframework/go-tuf (Go) May 24, 2022
rdimitrov
The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to... Moderate Unreviewed
CVE-2021-22276 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004... Moderate Unreviewed
CVE-2021-1883 was published May 24, 2022
When curl is instructed to download content using the metalink feature, thecontents is verified... High Unreviewed
CVE-2021-22922 was published May 24, 2022
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-22442 was published May 24, 2022
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed
CVE-2020-4610 was published May 24, 2022
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed
CVE-2021-25388 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API