GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
266 advisories
Filter by severity
The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of...
Critical
Unreviewed
CVE-2023-2987
was published
May 31, 2023
Snap One OvrC Pro devices versions 7.2 and prior do not validate firmware...
Critical
Unreviewed
CVE-2023-28386
was published
May 22, 2023
Altenergy Power Control Software C1.2.5 was discovered to contain a remote code execution (RCE)...
High
Unreviewed
CVE-2023-31502
was published
May 12, 2023
In modem, there is a possible missing verification of HashMME value in Security Mode Command....
Moderate
Unreviewed
CVE-2022-44420
was published
May 9, 2023
AMI MegaRAC SPx12 and SPx13 devices have Insufficient Verification of Data Authenticity.
Critical
Unreviewed
CVE-2023-28863
was published
Apr 18, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authenticity check for uploaded...
Critical
Unreviewed
CVE-2023-27748
was published
Apr 13, 2023
A man in the middle can redirect traffic to a malicious server in a compromised configuration.
High
Unreviewed
CVE-2023-26467
was published
Apr 11, 2023
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server...
High
Unreviewed
CVE-2023-27979
was published
Mar 21, 2023
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server...
High
Unreviewed
CVE-2023-27977
was published
Mar 21, 2023
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server...
High
Unreviewed
CVE-2023-27982
was published
Mar 21, 2023
Akuvox E11 does not ensure that a file extension is associated with the file provided. This could...
Moderate
Unreviewed
CVE-2023-0350
was published
Mar 13, 2023
A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the...
High
Unreviewed
CVE-2017-20180
was published
Mar 6, 2023
Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30...
Moderate
Unreviewed
CVE-2023-21441
was published
Feb 9, 2023
Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a proprietary local area network ...
High
Unreviewed
CVE-2023-22315
was published
Jan 31, 2023
Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a...
Moderate
Unreviewed
CVE-2021-26396
was published
Jan 11, 2023
Emerson DeltaV Distributed Control System (DCS) has insufficient verification of firmware...
High
Unreviewed
CVE-2022-30260
was published
Dec 26, 2022
PAX Technology A930 PayDroid 7.1.1 Virgo V04.4.02 20211201 allows root privileged attackers to...
Moderate
Unreviewed
CVE-2022-26579
was published
Dec 17, 2022
Insufficient Verification of Data Authenticity vulnerability in Hewlett Packard Enterprise HPE...
Moderate
Unreviewed
CVE-2022-37928
was published
Dec 12, 2022
Insufficient verification of data authenticity vulnerability in Samsung Gear IconX PC Manager...
Moderate
Unreviewed
CVE-2022-39909
was published
Dec 8, 2022
An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to...
High
Unreviewed
CVE-2022-31877
was published
Nov 28, 2022
Remote code execution vulnerability due to insufficient verification of URLs, etc. in...
High
Unreviewed
CVE-2022-41156
was published
Nov 25, 2022
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine...
Moderate
Unreviewed
CVE-2022-0031
was published
Nov 9, 2022
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient,...
High
Unreviewed
CVE-2022-26122
was published
Nov 2, 2022
A firmware update vulnerability exists in the sysupgrade functionality of Robustel R1510 3.1.16...
Low
Unreviewed
CVE-2022-34845
was published
Oct 25, 2022
ProTip!
Advisories are also available from the
GraphQL API