GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
158 advisories
Openstack Neutron has Insufficient Verification of IPv6 addresses
High. CVE-2021-20267 was published for neutron (pip) May 24, 2022

A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The...
High, Unreviewed. CVE-2021-33712 was published May 24, 2022

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows...
High, Unreviewed. CVE-2021-33887 was published May 24, 2022

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a...
High, Unreviewed. CVE-2021-36367 was published May 24, 2022

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker...
High, Unreviewed. CVE-2021-31228 was published May 24, 2022

A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series...
High, Unreviewed. CVE-2021-1586 was published May 24, 2022

A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows...
High, Unreviewed. CVE-2020-19768 was published May 24, 2022

A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows...
High, Unreviewed. CVE-2020-19769 was published May 24, 2022

The move_uploaded_file function in godomall5 does not perform an integrity check of extension or...
High, Unreviewed. CVE-2021-26610 was published May 24, 2022

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently...
High, Unreviewed. CVE-2021-26315 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
High, Unreviewed. CVE-2022-32252 was published Jun 15, 2022

A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the...
High, Unreviewed. CVE-2022-20829 was published Jun 25, 2022

It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML...
High, Unreviewed. CVE-2015-5236 was published Jul 8, 2022

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause...
High, Unreviewed. CVE-2022-34763 was published Jul 14, 2022

The Motorola ACE1000 RTU through 2022-05-02 mishandles firmware integrity. It utilizes either the...
High, Unreviewed. CVE-2022-30272 was published Jul 27, 2022

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom...
High, Unreviewed. CVE-2022-30269 was published Jul 27, 2022

The recovery module has a vulnerability of bypassing the verification of an update package before...
High, Unreviewed. CVE-2022-37008 was published Aug 11, 2022

The Emerson ControlWave 'Next Generation' RTUs through 2022-05-02 mishandle firmware integrity....
High, Unreviewed. CVE-2022-30262 was published Aug 18, 2022

Emerson Electric's Proficy Machine Edition Version 9.00 and prior is vulnerable to CWE-353...
High, Unreviewed. CVE-2022-2793 was published Aug 20, 2022

Incorrect header handling in mod-wsgi
High. CVE-2022-2255 was published for mod-wsgi (pip) Aug 26, 2022

Patlite NH-FB v1.46 and below was discovered to contain insufficient firmware validation during...
High, Unreviewed. CVE-2022-38625 was published Aug 30, 2022

A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
High, Unreviewed. CVE-2022-36360 was published Oct 11, 2022

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient,...
High, Unreviewed. CVE-2022-26122 was published Nov 2, 2022

Remote code execution vulnerability due to insufficient verification of URLs, etc. in...
High, Unreviewed. CVE-2022-41156 was published Nov 25, 2022

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to...
High, Unreviewed. CVE-2022-31877 was published Nov 28, 2022