GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
302 advisories
A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162....
High | Unreviewed | CVE-2025-7096 was published Jul 7, 2025

The executable file warning did not warn users before opening files with the `terminal` extension...
High | Unreviewed | CVE-2025-6426 was published Jun 26, 2025

Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity...
Moderate | Unreviewed | CVE-2025-5832 was published Jun 26, 2025

Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity...
Moderate | Unreviewed | CVE-2025-5833 was published Jun 26, 2025

The backup ZIPs are not signed by the application, leading to the possibility that an attacker...
High | Unreviewed | CVE-2025-49199 was published Jun 12, 2025

Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High | Unreviewed | CVE-2023-52109 was published Jan 16, 2024

IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh networks. In mesh networks...
Critical | Unreviewed | CVE-2025-27558 was published May 21, 2025

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient...
Moderate | Unreviewed | CVE-2018-10626 was published May 13, 2022

Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized...
High | Unreviewed | CVE-2025-29842 was published May 13, 2025

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server...
Critical | Unreviewed | CVE-2022-31813 was published Jun 10, 2022

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote...
High | Unreviewed | CVE-2023-5482 was published Nov 1, 2023

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to...
High | Unreviewed | CVE-2022-31877 was published Nov 28, 2022

A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2,...
Moderate | Unreviewed | CVE-2022-46692 was published Dec 15, 2022

RSFirewall tries to identify the original IP address by looking at different HTTP headers. A...
Critical | Unreviewed | CVE-2021-4226 was published Dec 15, 2022

Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software...
Moderate | Unreviewed | CVE-2017-12740 was published May 13, 2022

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks...
High | Unreviewed | CVE-2017-11103 was published May 13, 2022

Acronis True Image up to and including version 2017 Build 8053 performs software updates using...
High | Unreviewed | CVE-2017-3219 was published May 13, 2022

Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior...
High | Unreviewed | CVE-2017-3218 was published May 13, 2022

D-Link devices DAP-2310 v2.10rc036 and earlier, DAP-2330 v1.06rc020 and earlier, DAP-2360 v2...
High | Unreviewed | CVE-2022-38873 was published Dec 20, 2022

An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a...
Moderate | Unreviewed | CVE-2022-46422 was published Dec 20, 2022

TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of...
Moderate | Unreviewed | CVE-2022-46139 was published Dec 20, 2022

Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have...
Moderate | Unreviewed | CVE-2022-22757 was published Dec 22, 2022

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.750 Application 20.0.1442...
Critical | Unreviewed | CVE-2025-27680 was published Mar 5, 2025

When downloading an update for an addon, the downloaded addon update's version was not verified...
Moderate | Unreviewed | CVE-2022-34471 was published Dec 22, 2022

When loading a script with Subresource Integrity, attackers with an injection capability could...
Moderate | Unreviewed | CVE-2022-36315 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API.