Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,965
Erlang
29
GitHub Actions
16
Go
1,747
Maven
4,975
npm
3,507
NuGet
609
pip
3,071
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the... Moderate Unreviewed
CVE-2021-4148 was published Mar 24, 2022
Improper Validation of Integrity Check Value in Bouncy Castle Moderate
CVE-2018-5382 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 13, 2022
This issue was addressed with improved checks. This issue is fixed in Security Update 2021-004... Moderate Unreviewed
CVE-2021-1883 was published May 24, 2022
Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for... Moderate Unreviewed
CVE-2022-33711 was published Jul 13, 2022
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2... Moderate Unreviewed
CVE-2022-46402 was published Dec 20, 2022
Honeywell Experion PKS Safety Manager 5.02 has Insufficient Verification of Data Authenticity.... Moderate Unreviewed
CVE-2022-30316 was published Jul 29, 2022
An issue was discovered in Zoho ManageEngine AssetExplorer 6.5. During an upgrade of the Windows... Moderate Unreviewed
CVE-2020-8838 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host... Moderate Unreviewed
CVE-2020-5964 was published May 24, 2022
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions... Moderate Unreviewed
CVE-2020-5637 was published May 24, 2022
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does... Moderate Unreviewed
CVE-2020-9118 was published May 24, 2022
Proofpoint Enterprise Protection (PPS/PoD) before 8.17.0 contains a vulnerability that could... Moderate Unreviewed
CVE-2020-14009 was published May 24, 2022
An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi... Moderate Unreviewed
CVE-2020-26141 was published May 24, 2022
The vulnerability allows a successful attacker to bypass the integrity check of FW uploaded to... Moderate Unreviewed
CVE-2021-22276 was published May 24, 2022
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi... Moderate Unreviewed
CVE-2022-38956 was published Sep 21, 2022
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF,... Moderate Unreviewed
CVE-2022-25946 was published May 6, 2022
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity... Moderate Unreviewed
CVE-2017-9498 was published May 13, 2022
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP... Moderate Unreviewed
CVE-2021-3772 was published Mar 4, 2022
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed
CVE-2023-23120 was published Feb 2, 2023
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can... Moderate Unreviewed
CVE-2022-45191 was published Feb 8, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed
CVE-2023-23119 was published Feb 2, 2023
A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic.... Moderate Unreviewed
CVE-2016-15028 was published Mar 12, 2023
tlslite-ng off-by-one error on mac checking Moderate
CVE-2018-1000159 was published for tlslite-ng (pip) Jul 12, 2018
OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees Moderate
CVE-2023-34459 was published for @openzeppelin/contracts (npm) Jun 19, 2023
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through... Moderate Unreviewed
CVE-2023-28002 was published Nov 14, 2023
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28802 was published Nov 21, 2023
ProTip! Advisories are also available from the GraphQL API