Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Loading
The DFX module has a vulnerability of improper validation of integrity check values.Successful... High Unreviewed
CVE-2022-22253 was published Apr 12, 2022
Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by... High Unreviewed
CVE-2020-14120 was published Apr 22, 2022
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074... High Unreviewed
CVE-2022-39845 was published Sep 10, 2022
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... High Unreviewed
CVE-2022-39844 was published Sep 10, 2022
In WIFI Firmware, there is a possible system crash due to a missing count check. This could lead... High Unreviewed
CVE-2022-21757 was published Jun 7, 2022
A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C... High Unreviewed
CVE-2021-37182 was published Jun 15, 2022
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash.... High Unreviewed
CVE-2020-25862 was published May 24, 2022
An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration... High Unreviewed
CVE-2020-25758 was published May 24, 2022
The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019... High Unreviewed
CVE-2020-28656 was published May 24, 2022
Improper validation of integrity check value vulnerability in NEC Aterm WF1200CR firmware Ver1.3... High Unreviewed
CVE-2021-20709 was published May 24, 2022
In JetBrains TeamCity before 2020.2.3, insufficient checks of the redirect_uri were made during... High Unreviewed
CVE-2021-31913 was published May 24, 2022
Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers... High Unreviewed
CVE-2021-25388 was published May 24, 2022
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed... High Unreviewed
CVE-2022-22781 was published Apr 29, 2022
IBM Security Sevret Server (IBM Security Verify Privilege Manager 10.8.2 ) could allow a local... High Unreviewed
CVE-2020-4610 was published May 24, 2022
There is an Improper Validation of Integrity Check Value Vulnerability in Huawei Smartphone... High Unreviewed
CVE-2021-22442 was published May 24, 2022
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi... High Unreviewed
CVE-2022-38955 was published Sep 21, 2022
An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third... High Unreviewed
CVE-2018-6336 was published May 13, 2022
An issue was discovered in Listary through 6. Improper implementation of the update process leads... High Unreviewed
CVE-2021-41067 was published Dec 15, 2021
The Lenovo Service Framework Android application uses a set of nonsecure credentials when... High Unreviewed
CVE-2017-3760 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation BOSH Release 261.x versions prior to 261.3... High Unreviewed
CVE-2017-4961 was published May 13, 2022
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full... High Unreviewed
CVE-2022-29549 was published Aug 19, 2022
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux... High Unreviewed
CVE-2022-36174 was published Sep 13, 2022
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a... High Unreviewed
CVE-2022-45142 was published Mar 7, 2023
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial... High Unreviewed
CVE-2023-38802 was published Aug 29, 2023
A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers... High Unreviewed
CVE-2023-36650 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database