GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
144 advisories
Filter by severity
Incorrect header handling in mod-wsgi
High
CVE-2022-2255
was published
for
mod-wsgi
(pip)
Aug 26, 2022
Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353...
High
Unreviewed
CVE-2022-2793
was published
Aug 20, 2022
The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity....
High
Unreviewed
CVE-2022-30262
was published
Aug 18, 2022
The recovery module has a vulnerability of bypassing the verification of an update package before...
High
Unreviewed
CVE-2022-37008
was published
Aug 11, 2022
Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom...
High
Unreviewed
CVE-2022-30269
was published
Jul 27, 2022
The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the...
High
Unreviewed
CVE-2022-30272
was published
Jul 27, 2022
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause...
High
Unreviewed
CVE-2022-34763
was published
Jul 14, 2022
It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML...
High
Unreviewed
CVE-2015-5236
was published
Jul 8, 2022
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the...
High
Unreviewed
CVE-2022-20829
was published
Jun 25, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
High
Unreviewed
CVE-2022-32252
was published
Jun 15, 2022
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently...
High
Unreviewed
CVE-2021-26315
was published
May 24, 2022
The move_uploaded_file function in godomall5 does not perform an integrity check of extension or...
High
Unreviewed
CVE-2021-26610
was published
May 24, 2022
A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows...
High
Unreviewed
CVE-2020-19769
was published
May 24, 2022
A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows...
High
Unreviewed
CVE-2020-19768
was published
May 24, 2022
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series...
High
Unreviewed
CVE-2021-1586
was published
May 24, 2022
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker...
High
Unreviewed
CVE-2021-31228
was published
May 24, 2022
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a...
High
Unreviewed
CVE-2021-36367
was published
May 24, 2022
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows...
High
Unreviewed
CVE-2021-33887
was published
May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The...
High
Unreviewed
CVE-2021-33712
was published
May 24, 2022
Openstack Neutron has Insufficient Verification of IPv6 addresses
High
CVE-2021-20267
was published
for
neutron
(pip)
May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an...
High
Unreviewed
CVE-2020-24395
was published
May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files...
High
Unreviewed
CVE-2021-29239
was published
May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote...
High
Unreviewed
CVE-2021-21231
was published
May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File...
High
Unreviewed
CVE-2021-31783
was published
May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw...
High
Unreviewed
CVE-2021-20271
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API