Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

100 advisories

Loading
There is an improper integrity checking vulnerability on some huawei products. The software of... Low Unreviewed
CVE-2020-1879 was published May 24, 2022
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before... High Unreviewed
CVE-2019-18672 was published May 24, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a... High Unreviewed
CVE-2019-13496 was published May 24, 2022
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving... High Unreviewed
CVE-2019-11753 was published May 24, 2022
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ... Moderate Unreviewed
CVE-2019-1163 was published May 24, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange... Low Unreviewed
CVE-2019-10155 was published May 24, 2022
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity... Moderate Unreviewed
CVE-2017-9498 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed
CVE-2017-4961 was published May 13, 2022
The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed
CVE-2017-3760 was published May 13, 2022
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for... Critical Unreviewed
CVE-2017-15994 was published May 13, 2022
Nimbus JOSE+JWT vulnerable to padding oracle attack Low
CVE-2017-12973 was published for com.nimbusds:nimbus-jose-jwt (Maven) May 13, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
Improper Validation of Integrity Check Value in Bouncy Castle Moderate
CVE-2018-5382 was published for org.bouncycastle:bcprov-jdk15on (Maven) May 13, 2022
On various RAD-ISM-900-EN-* devices by PHOENIX CONTACT an admin user could use the configuration... Critical Unreviewed
CVE-2022-29898 was published May 12, 2022
On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP Advanced WAF,... Moderate Unreviewed
CVE-2022-25946 was published May 6, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed... High Unreviewed
CVE-2022-22781 was published Apr 29, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by... High Unreviewed
CVE-2020-14120 was published Apr 22, 2022
The DFX module has a vulnerability of improper validation of integrity check values.Successful... High Unreviewed
CVE-2022-22253 was published Apr 12, 2022
A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the... Moderate Unreviewed
CVE-2021-4148 was published Mar 24, 2022
A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP... Moderate Unreviewed
CVE-2021-3772 was published Mar 4, 2022
Improper Validation of Integrity Check Value in TensorFlow High
GHSA-43q8-3fv7-pr5x was published for tensorflow (pip) Feb 9, 2022
Execution Control List (ECL) Is Insecure in Singularity High
CVE-2020-13845 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
tri-adam
An issue was discovered in Listary through 6. Improper implementation of the update process leads... High Unreviewed
CVE-2021-41067 was published Dec 15, 2021
Incomplete validation of shapes in multiple TF ops High
CVE-2021-41206 was published for tensorflow (pip) Nov 10, 2021
tlslite-ng off-by-one error on mac checking High
CVE-2018-1000159 was published for tlslite-ng (pip) Jul 12, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database