GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
77 advisories
Filter by severity
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated...
High
Unreviewed
CVE-2023-36537
was published
Jul 11, 2023
This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the...
High
Unreviewed
CVE-2024-47089
was published
Sep 19, 2024
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ...
Moderate
Unreviewed
CVE-2024-45789
was published
Sep 11, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during...
Moderate
Unreviewed
CVE-2023-24063
was published
Aug 8, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR16, 4.0.0 SR06, 4.1.0 SR04, 4.2.0...
High
Unreviewed
CVE-2023-33206
was published
Aug 8, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Moderate
Unreviewed
CVE-2024-23461
was published
May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Low
Unreviewed
CVE-2024-23462
was published
May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on...
Moderate
Unreviewed
CVE-2023-41970
was published
May 2, 2024
All firmware versions of the NPort 5000 Series are affected by an improper validation of...
High
Unreviewed
CVE-2023-4929
was published
Oct 3, 2023
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00...
High
Unreviewed
CVE-2023-30356
was published
May 10, 2023
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream...
High
Unreviewed
CVE-2022-24404
was published
Oct 19, 2023
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access...
Critical
Unreviewed
CVE-2023-33668
was published
Jul 12, 2023
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3...
Moderate
Unreviewed
CVE-2023-30673
was published
Jul 6, 2023
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private...
Moderate
Unreviewed
CVE-2023-33981
was published
May 24, 2023
Insufficient checks in the finite state machine of the ShapeShift KeepKey hardware wallet before...
High
Unreviewed
CVE-2019-18672
was published
May 24, 2022
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a...
High
Unreviewed
CVE-2019-13496
was published
May 24, 2022
The Firefox installer allows Firefox to be installed to a custom user writable location, leaving...
High
Unreviewed
CVE-2019-11753
was published
May 24, 2022
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ...
Moderate
Unreviewed
CVE-2019-1163
was published
May 24, 2022
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange...
Low
Unreviewed
CVE-2019-10155
was published
May 24, 2022
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in...
Moderate
Unreviewed
CVE-2023-31437
was published
Jun 13, 2023
When curl is instructed to download content using the metalink feature, thecontents is verified...
High
Unreviewed
CVE-2021-22922
was published
May 24, 2022
Improper Input Validation vulnerability in the upload functionality for user avatars allows...
Low
Unreviewed
CVE-2024-23790
was published
Jan 29, 2024
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could...
Moderate
Unreviewed
CVE-2023-20233
was published
Sep 13, 2023
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to...
Moderate
Unreviewed
CVE-2023-42143
was published
Jan 23, 2024
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a...
Moderate
Unreviewed
CVE-2023-31439
was published
Jun 13, 2023
ProTip!
Advisories are also available from the
GraphQL API