GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
99 advisories
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could...
Moderate
Unreviewed
CVE-2023-20233
was published
Sep 13, 2023
FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial...
High
Unreviewed
CVE-2023-38802
was published
Aug 29, 2023
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty...
Moderate
Unreviewed
CVE-2023-2975
was published
Jul 14, 2023
DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access...
Critical
Unreviewed
CVE-2023-33668
was published
Jul 12, 2023
Improper privilege management in Zoom Rooms before version 5.14.5 may allow an authenticated...
High
Unreviewed
CVE-2023-36537
was published
Jul 11, 2023
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3...
Moderate
Unreviewed
CVE-2023-30673
was published
Jul 6, 2023
OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees
Moderate
CVE-2023-34459
was published for @openzeppelin/contracts (npm)
Jun 19, 2023
An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then...
Moderate
Unreviewed
CVE-2023-31438
was published
Jun 13, 2023
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a...
Moderate
Unreviewed
CVE-2023-31439
was published
Jun 13, 2023
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in...
Moderate
Unreviewed
CVE-2023-31437
was published
Jun 13, 2023
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private...
Moderate
Unreviewed
CVE-2023-33981
was published
May 24, 2023
Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00...
High
Unreviewed
CVE-2023-30356
was published
May 10, 2023
A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic....
Moderate
Unreviewed
CVE-2016-15028
was published
Mar 12, 2023
The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a...
High
Unreviewed
CVE-2022-45142
was published
Mar 7, 2023
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can...
Moderate
Unreviewed
CVE-2022-45191
was published
Feb 8, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update...
Moderate
Unreviewed
CVE-2023-23119
was published
Feb 2, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update...
Moderate
Unreviewed
CVE-2023-23120
was published
Feb 2, 2023
The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2...
Moderate
Unreviewed
CVE-2022-46402
was published
Dec 20, 2022
An exploitable firmware downgrade vulnerability was discovered on the Netgear WPN824EXT WiFi...
Moderate
Unreviewed
CVE-2022-38956
was published
Sep 21, 2022
An exploitable firmware modification vulnerability was discovered on the Netgear WPN824EXT WiFi...
High
Unreviewed
CVE-2022-38955
was published
Sep 21, 2022
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux...
High
Unreviewed
CVE-2022-36174
was published
Sep 13, 2022
Improper validation of integrity check vulnerability in Samsung Kies prior to version 2.6.4.22074...
High
Unreviewed
CVE-2022-39845
was published
Sep 10, 2022
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3...
High
Unreviewed
CVE-2022-39844
was published
Sep 10, 2022
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full...
High
Unreviewed
CVE-2022-29549
was published
Aug 19, 2022
OpenZeppelin Contracts vulnerable to ECDSA signature malleability
High
CVE-2022-35961
was published for @openzeppelin/contracts (npm)
Aug 18, 2022