Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
Lodestar snappy checksum issue Low
GHSA-m9c9-mc2h-9wjw was published for @lodestar/reqresp (npm) Jan 14, 2025
gln7
There is an insufficient integrity vulnerability in Huawei products. A module does not perform... Moderate Unreviewed
CVE-2020-9210 was published Dec 27, 2024
An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute... High Unreviewed
CVE-2024-51141 was published Nov 15, 2024
Rebuilding a run with revoked script approval allowed by Jenkins Pipeline: Groovy Plugin High
CVE-2024-52550 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) Nov 13, 2024
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16... Moderate Unreviewed
CVE-2024-49406 was published Nov 6, 2024
In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to... Moderate Unreviewed
CVE-2024-49875 was published Oct 21, 2024
secp256k1-node allows private key extraction over ECDH High
CVE-2024-48930 was published for secp256k1 (npm) Oct 21, 2024
ChALkeR jprichardson
OpenStack Ironic fails to verify checksums of supplied image_source URLs Moderate
CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the... High Unreviewed
CVE-2024-47089 was published Sep 19, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ... Moderate Unreviewed
CVE-2024-45789 was published Sep 11, 2024
Apache MINA SSHD: integrity check bypass High
CVE-2024-41909 was published for org.apache.sshd:sshd-common (Maven) Aug 12, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during... Moderate Unreviewed
CVE-2023-24063 was published Aug 8, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0... High Unreviewed
CVE-2023-33206 was published Aug 8, 2024
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can... Critical Unreviewed
CVE-2024-3596 was published Jul 9, 2024
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It... Moderate Unreviewed
CVE-2024-31958 was published Jun 7, 2024
github.com/containers/image allows unexpected authenticated registry accesses High
CVE-2024-3727 was published for github.com/containers/image (Go) May 14, 2024
RTann
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Low Unreviewed
CVE-2024-23462 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-41970 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2024-23461 was published May 2, 2024
PHPECC vulnerable to multiple cryptographic side-channel attacks Critical
GHSA-346h-749j-r28w was published for mdanter/ecc (Composer) Apr 25, 2024
Improper Input Validation vulnerability in the upload functionality for user avatars allows... Low Unreviewed
CVE-2024-23790 was published Jan 29, 2024
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to... Moderate Unreviewed
CVE-2023-42143 was published Jan 23, 2024
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin Moderate
CVE-2023-48795 was published for golang.org/x/crypto (Go) Dec 18, 2023
TrueSkrillor lambdafu
KamilaBorowska levpachmanov
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers... High Unreviewed
CVE-2023-36650 was published Dec 12, 2023
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28802 was published Nov 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database