GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
52 advisories
Filter by severity
A download of code without integrity check vulnerability in the "execute restore src-vis" command...
High
Unreviewed
CVE-2021-44168
was published
Jan 5, 2022
ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability...
High
Unreviewed
CVE-2022-24644
was published
Mar 11, 2022
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download...
High
Unreviewed
CVE-2001-1125
was published
Apr 30, 2022
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications...
High
Unreviewed
CVE-2002-0671
was published
Apr 30, 2022
The PartyGaming PartyPoker client program 121/120 does not properly verify the authenticity of...
High
Unreviewed
CVE-2008-3324
was published
May 1, 2022
Apple Mac OS X does not properly verify the authenticity of updates, which allows man-in-the...
High
Unreviewed
CVE-2008-3438
was published
May 2, 2022
An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to...
High
Unreviewed
CVE-2018-4009
was published
May 13, 2022
The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows...
High
Unreviewed
CVE-2018-19234
was published
May 13, 2022
Akeo Consulting Rufus prior to version 2.17.1187 does not adequately validate the integrity of...
High
Unreviewed
CVE-2017-13083
was published
May 13, 2022
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in...
High
Unreviewed
CVE-2017-2707
was published
May 13, 2022
Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC...
High
Unreviewed
CVE-2018-13012
was published
May 13, 2022
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room...
High
Unreviewed
CVE-2022-22786
was published
May 19, 2022
Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check...
High
Unreviewed
CVE-2022-28944
was published
May 24, 2022
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its...
High
Unreviewed
CVE-2019-7229
was published
May 24, 2022
Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contains a vulnerability that...
High
Unreviewed
CVE-2019-12809
was published
May 24, 2022
Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Firmware A.03.09, WLAN...
High
Unreviewed
CVE-2019-13534
was published
May 24, 2022
The Cobham EXPLORER 710, firmware version 1.07, does not validate its firmware image. Development...
High
Unreviewed
CVE-2019-9534
was published
May 24, 2022
RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insufficiently validate where...
High
Unreviewed
CVE-2019-3977
was published
May 24, 2022
An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message...
High
Unreviewed
CVE-2020-9759
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1200
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1453
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-1452
was published
May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. It uses cleartext HTTP to check,...
High
Unreviewed
CVE-2021-27574
was published
May 24, 2022
Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A...
High
Unreviewed
CVE-2021-33879
was published
May 24, 2022
In cPanel before 96.0.13, fix_cpanel_perl lacks verification of the integrity of downloads (SEC...
High
Unreviewed
CVE-2021-38588
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API