Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,976
Erlang
29
GitHub Actions
16
Go
1,765
Maven
4,990
npm
3,534
NuGet
615
pip
3,103
Pub
10
RubyGems
837
Rust
785
Swift
34
Unreviewed advisories
All unreviewed
5,000+

39 advisories

Loading
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
Execution Control List (ECL) Is Insecure in Singularity High
CVE-2020-13845 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
tri-adam
The DFX module has a vulnerability of improper validation of integrity check values.Successful... High Unreviewed
CVE-2022-22253 was published Apr 12, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by... High Unreviewed
CVE-2020-14120 was published Apr 22, 2022
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... High Unreviewed
CVE-2022-39844 was published Sep 10, 2022
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074... High Unreviewed
CVE-2022-39845 was published Sep 10, 2022
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead... High Unreviewed
CVE-2022-21757 was published Jun 7, 2022
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C... High Unreviewed
CVE-2021-37182 was published Jun 15, 2022
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed
CVE-2020-25862 was published May 24, 2022
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed
CVE-2020-25758 was published May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed
CVE-2020-28656 was published May 24, 2022
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed
CVE-2021-20709 was published May 24, 2022
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed
CVE-2021-31913 was published May 24, 2022
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed
CVE-2021-25388 was published May 24, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed... High Unreviewed
CVE-2022-22781 was published Apr 29, 2022
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed
CVE-2020-4610 was published May 24, 2022
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-22442 was published May 24, 2022
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi... High Unreviewed
CVE-2022-38955 was published Sep 21, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
Incomplete validation of shapes in multiple TF ops High
CVE-2021-41206 was published for tensorflow (pip) Nov 10, 2021
An issue was discovered in Listary through 6. Improper implementation of the update process leads... High Unreviewed
CVE-2021-41067 was published Dec 15, 2021
The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed
CVE-2017-3760 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed
CVE-2017-4961 was published May 13, 2022
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full... High Unreviewed
CVE-2022-29549 was published Aug 19, 2022
OpenZeppelin Contracts vulnerable to ECDSA signature malleability High
CVE-2022-35961 was published for @openzeppelin/contracts (npm) Aug 18, 2022
ProTip! Advisories are also available from the GraphQL API