GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
128 advisories
Filter by severity
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using...
Moderate
Unreviewed
CVE-2021-22947
was published
May 24, 2022
A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version...
Moderate
Unreviewed
CVE-2023-42782
was published
Oct 10, 2023
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
Moderate
Unreviewed
CVE-2023-3749
was published
Aug 3, 2023
An insufficient verification of data vulnerability exists in BIG-IP Edge Client for Windows and...
Moderate
Unreviewed
CVE-2023-36858
was published
Aug 2, 2023
Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote...
Moderate
Unreviewed
CVE-2023-2314
was published
Jul 29, 2023
The Hide My WP Ghost – Security Plugin plugin for WordPress is vulnerable to IP Address Spoofing...
Moderate
Unreviewed
CVE-2022-4537
was published
Jul 6, 2023
The Brizy Page Builder plugin for WordPress is vulnerable to IP Address Spoofing in versions up...
Moderate
Unreviewed
CVE-2023-2897
was published
Jun 9, 2023
In modem, there is a possible missing verification of HashMME value in Security Mode Command....
Moderate
Unreviewed
CVE-2022-44420
was published
May 9, 2023
com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and...
Moderate
Unreviewed
CVE-2019-20057
was published
May 24, 2022
rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why...
Moderate
Unreviewed
CVE-2019-15162
was published
May 24, 2022
If a wildcard ('*') is specified for the host in Content Security Policy (CSP) directives, any...
Moderate
Unreviewed
CVE-2019-11737
was published
May 24, 2022
A vulnerability in the statistics collection service of Cisco HyperFlex Software could allow an...
Moderate
Unreviewed
CVE-2019-12620
was published
May 24, 2022
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an...
Moderate
Unreviewed
CVE-2019-5478
was published
May 24, 2022
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack...
Moderate
Unreviewed
CVE-2019-1880
was published
May 24, 2022
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions...
Moderate
Unreviewed
CVE-2019-5431
was published
May 24, 2022
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between...
Moderate
Unreviewed
CVE-2023-5366
was published
Oct 6, 2023
aiosmtpd vulnerable to SMTP smuggling
Moderate
CVE-2024-27305
was published
for
aiosmtpd
(pip)
Mar 13, 2024
Insufficient Verification of Data Authenticity in Async Http Client
Moderate
CVE-2013-7397
was published
for
com.ning:async-http-client
(Maven)
May 13, 2022
Insufficient Verification of Data Authenticity in Async Http Client
Moderate
CVE-2013-7398
was published
for
com.ning:async-http-client
(Maven)
May 13, 2022
A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs.
Moderate
Unreviewed
CVE-2023-30562
was published
Jul 13, 2023
Insufficient Verification of Data Authenticity in Apache Tomcat
Moderate
CVE-2017-7674
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
File reference keys leads to incorrect hashes on HMAC algorithms
Moderate
CVE-2021-41106
was published
for
lcobucci/jwt
(Composer)
Sep 29, 2021
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
Moderate
Unreviewed
CVE-2023-32329
was published
Feb 3, 2024
Magento 2 Community Edition Insufficient Logging
Moderate
CVE-2019-8124
was published
for
magento/community-edition
(Composer)
May 24, 2022
Exim through 4.97 allows SMTP smuggling in certain configurations. Remote attackers can use a...
Moderate
Unreviewed
CVE-2023-51766
was published
Dec 24, 2023
ProTip!
Advisories are also available from the
GraphQL API