Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

98 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to... Moderate Unreviewed
CVE-2024-49875 was published Oct 21, 2024
secp256k1-node allows private key extraction over ECDH High
CVE-2024-48930 was published for secp256k1 (npm) Oct 21, 2024
ChALkeR jprichardson
OpenStack Ironic fails to verify checksums of supplied image_source URLs Moderate
CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the... High Unreviewed
CVE-2024-47089 was published Sep 19, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ... Moderate Unreviewed
CVE-2024-45789 was published Sep 11, 2024
Apache MINA SSHD: integrity check bypass High
CVE-2024-41909 was published for org.apache.sshd:sshd-common (Maven) Aug 12, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0... High Unreviewed
CVE-2023-33206 was published Aug 8, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during... Moderate Unreviewed
CVE-2023-24063 was published Aug 8, 2024
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It... Moderate Unreviewed
CVE-2024-31958 was published Jun 7, 2024
github.com/containers/image allows unexpected authenticated registry accesses High
CVE-2024-3727 was published for github.com/containers/image (Go) May 14, 2024
RTann
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-41970 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2024-23461 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Low Unreviewed
CVE-2024-23462 was published May 2, 2024
PHPECC vulnerable to multiple cryptographic side-channel attacks Critical
GHSA-346h-749j-r28w was published for mdanter/ecc (Composer) Apr 25, 2024
Improper Input Validation vulnerability in the upload functionality for user avatars allows... Low Unreviewed
CVE-2024-23790 was published Jan 29, 2024
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to... Moderate Unreviewed
CVE-2023-42143 was published Jan 23, 2024
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin Moderate
CVE-2023-48795 was published for golang.org/x/crypto (Go) Dec 18, 2023
TrueSkrillor lambdafu
KamilaBorowska levpachmanov
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers... High Unreviewed
CVE-2023-36650 was published Dec 12, 2023
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28802 was published Nov 21, 2023
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through... Moderate Unreviewed
CVE-2023-28002 was published Nov 14, 2023
AsyncSSH Rogue Session Attack High
CVE-2023-46446 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
AsyncSSH Rogue Extension Negotiation Moderate
CVE-2023-46445 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream... High Unreviewed
CVE-2022-24404 was published Oct 19, 2023
All firmware versions of the NPort 5000 Series are affected by an improper validation of... High Unreviewed
CVE-2023-4929 was published Oct 3, 2023
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2023-20233 was published Sep 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database