Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
A vulnerability in the Dedicated XML Agent feature of Cisco IOS XR Software could allow an... Moderate Unreviewed
CVE-2024-20390 was published Sep 11, 2024
The registration process of uniFLOW Online (NT-ware product) apps, prior to and including version... High Unreviewed
CVE-2024-1621 was published Sep 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... Critical Unreviewed
CVE-2024-38886 was published Aug 2, 2024
An issue in SHENZHEN TENDA TECHNOLOGY CO.,LTD Tenda AX2pro V16.03.29.48_cn allows a remote... Critical Unreviewed
CVE-2024-40515 was published Jul 16, 2024
An issue in H3C Technologies Co., Limited H3C Magic RC3000 RC3000V100R009 allows a remote... High Unreviewed
CVE-2024-40516 was published Jul 16, 2024
An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service... Moderate Unreviewed
CVE-2024-40503 was published Jul 16, 2024
Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same... Low Unreviewed
CVE-2024-37664 was published Jun 17, 2024
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in... Moderate Unreviewed
CVE-2024-37661 was published Jun 17, 2024
Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in... Low Unreviewed
CVE-2024-37663 was published Jun 17, 2024
TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same... Moderate Unreviewed
CVE-2024-37662 was published Jun 17, 2024
Constallation has pods exposed to peers in VPC High
GHSA-g8fc-vrcg-8vjg was published for github.com/edgelesssys/constellation/v2 (Go) Apr 15, 2024
brb
The TTLock App does not employ proper verification procedures to ensure that it is communicating... Moderate Unreviewed
CVE-2023-7004 was published Mar 15, 2024
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks... Moderate Unreviewed
CVE-2024-0009 was published Feb 14, 2024
A vulnerability has been identified in SIMATIC CP 343-1 (6GK7343-1EX30-0XE0) (All versions),... High Unreviewed
CVE-2023-51440 was published Feb 13, 2024
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel Moderate
CVE-2022-4848 was published for github.com/usememos/memos (Go) Dec 29, 2022
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel Moderate
CVE-2022-4800 was published for github.com/usememos/memos (Go) Dec 28, 2022
Improper Verification of Source of a Communication Channel in Apache Tomcat Moderate
CVE-2016-0763 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
SleekXMPP and Slixmpp Incorrect Implementation of Message Carbons Moderate
CVE-2017-5591 was published for SleekXMPP (pip) May 13, 2022
Improper Verification of Communication Channel in @theia/plugin-ext Moderate
CVE-2021-41038 was published for @theia/plugin-ext (npm) Nov 15, 2021
ProTip! Advisories are also available from the GraphQL API