GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
342 advisories
Filter by severity
Missing validation during checkpoint loading
High
CVE-2021-41203
was published
for
tensorflow
(pip)
Nov 10, 2021
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation...
Critical
Unreviewed
CVE-2023-4699
was published
Nov 6, 2023
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient
Verification of Data...
Moderate
Unreviewed
CVE-2024-47254
was published
Nov 5, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges...
Moderate
Unreviewed
CVE-2024-47255
was published
Nov 5, 2024
Laravel Reverb Missing API Signature Verification
High
CVE-2024-50347
was published
for
laravel/reverb
(Composer)
Oct 31, 2024
Insufficient Verification of Data Authenticity in python-keystoneclient
Critical
CVE-2013-2167
was published
for
python-keystoneclient
(pip)
Mar 10, 2020
Insufficient verification of data authenticity in
the configuration state machine may allow a...
Low
Unreviewed
CVE-2023-20570
was published
Feb 13, 2024
Insufficient Verification of Data Authenticity in Pillow
Moderate
CVE-2021-28678
was published
for
Pillow
(pip)
Jun 8, 2021
VULNERABILITY DETAILS
Rockwell Automation used the latest versions of the CVSS scoring system to...
High
Unreviewed
CVE-2024-7847
was published
Oct 14, 2024
Gradio lacks integrity checking on the downloaded FRP client
High
CVE-2024-47867
was published
for
gradio
(pip)
Oct 10, 2024
The goTenna Pro ATAK Plugin use AES CTR mode for short, encrypted
messages without any...
Moderate
Unreviewed
CVE-2024-43108
was published
Sep 26, 2024
OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature
Moderate
CVE-2023-23940
was published
for
openzeppelin-cairo-contracts
(pip)
Feb 2, 2023
The goTenna Pro series use AES CTR mode for short, encrypted messages without any additional...
Moderate
Unreviewed
CVE-2024-47123
was published
Sep 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 12.2 prior to 16.5.6, 16...
Low
Unreviewed
CVE-2023-2030
was published
Jan 12, 2024
An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8,...
Moderate
Unreviewed
CVE-2023-3920
was published
Sep 29, 2023
In CODESYS Development System versions from 3.5.11.20 and before 3.5.19.20 a missing integrity...
High
Unreviewed
CVE-2023-3663
was published
Aug 3, 2023
Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end...
High
Unreviewed
CVE-2024-3051
was published
Apr 27, 2024
Malformed Device Reset Locally Command Class packets can be sent to the controller, causing the...
Moderate
Unreviewed
CVE-2023-6533
was published
Feb 21, 2024
Openstack Neutron has Insufficient Verification of IPv6 addresses
High
CVE-2021-20267
was published
for
neutron
(pip)
May 24, 2022
The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in...
Moderate
Unreviewed
CVE-2022-4533
was published
Sep 19, 2024
Incorrect header handling in mod-wsgi
High
CVE-2022-2255
was published
for
mod-wsgi
(pip)
Aug 26, 2022
HTTP client can manipulate custom HTTP headers that are added by Traefik
Critical
CVE-2024-45410
was published
for
github.com/traefik/traefik
(Go)
Sep 19, 2024
Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability. This...
Moderate
Unreviewed
CVE-2024-23922
was published
Sep 23, 2024
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper...
High
Unreviewed
CVE-2023-35906
was published
Sep 5, 2023
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for...
Moderate
Unreviewed
CVE-2024-27244
was published
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API