Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

87 advisories

Loading
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed
CVE-2021-31913 was published May 24, 2022
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi... Moderate Unreviewed
CVE-2020-26141 was published May 24, 2022
Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could... Moderate Unreviewed
CVE-2020-14009 was published May 24, 2022
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed
CVE-2021-20709 was published May 24, 2022
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does... Moderate Unreviewed
CVE-2020-9118 was published May 24, 2022
Moodle Grade information disclosure in grade's external fetch functions Moderate
CVE-2021-20184 was published for moodle/moodle (Composer) May 24, 2022
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed
CVE-2020-25758 was published May 24, 2022
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions... Moderate Unreviewed
CVE-2020-5637 was published May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed
CVE-2020-28656 was published May 24, 2022
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed
CVE-2020-25862 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host... Moderate Unreviewed
CVE-2020-5964 was published May 24, 2022
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows... Moderate Unreviewed
CVE-2020-8838 was published May 24, 2022
There is an improper integrity checking vulnerability on some huawei products. The software of... Low Unreviewed
CVE-2020-1879 was published May 24, 2022
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before... High Unreviewed
CVE-2019-18672 was published May 24, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed
CVE-2019-13496 was published May 24, 2022
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving... High Unreviewed
CVE-2019-11753 was published May 24, 2022
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ... Moderate Unreviewed
CVE-2019-1163 was published May 24, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange... Low Unreviewed
CVE-2019-10155 was published May 24, 2022
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity... Moderate Unreviewed
CVE-2017-9498 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed
CVE-2017-4961 was published May 13, 2022
The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed
CVE-2017-3760 was published May 13, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for... Critical Unreviewed
CVE-2017-15994 was published May 13, 2022
Nimbus JOSE+JWT vulnerable to padding oracle attack Low
CVE-2017-12973 was published for com.nimbusds:nimbus-jose-jwt (Maven) May 13, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
Improper Validation of Integrity Check Value in Bouncy Castle Moderate
CVE-2018-5382 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API