Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

44 advisories

Loading
Improper validation of integrity check value in Blockchain Keystore prior to version 1.3.16... Moderate Unreviewed
CVE-2024-49406 was published Nov 6, 2024
OpenStack Ironic fails to verify checksums of supplied image_source URLs Moderate
CVE-2024-47211 was published for ironic (pip) Oct 4, 2024
An issue was discovered in Samsung Mobile Processor EExynos 2200, Exynos 1480, Exynos 2400. It... Moderate Unreviewed
CVE-2024-31958 was published Jun 7, 2024
In the Linux kernel, the following vulnerability has been resolved: nfsd: map the EBADMSG to... Moderate Unreviewed
CVE-2024-49875 was published Oct 21, 2024
Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty... Moderate Unreviewed
CVE-2023-2975 was published Jul 14, 2023
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ... Moderate Unreviewed
CVE-2024-45789 was published Sep 11, 2024
Diebold Nixdorf Vynamic Security Suite (VSS) before 3.3.0 SR10 fails to validate /etc/mtab during... Moderate Unreviewed
CVE-2023-24063 was published Aug 8, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2024-23461 was published May 2, 2024
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on... Moderate Unreviewed
CVE-2023-41970 was published May 2, 2024
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin Moderate
CVE-2023-48795 was published for golang.org/x/crypto (Go) Dec 18, 2023
TrueSkrillor lambdafu
KamilaBorowska levpachmanov
Moodle Grade information disclosure in grade's external fetch functions Moderate
CVE-2021-20184 was published for moodle/moodle (Composer) May 24, 2022
Improper validation of integrity check vulnerability in Smart Switch PC prior to version 4.3... Moderate Unreviewed
CVE-2023-30673 was published Jul 6, 2023
Briar before 1.4.22 allows attackers to spoof other users' messages in a blog, forum, or private... Moderate Unreviewed
CVE-2023-33981 was published May 24, 2023
A security feature bypass exists when Windows incorrectly validates CAB file signatures, aka ... Moderate Unreviewed
CVE-2019-1163 was published May 24, 2022
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in... Moderate Unreviewed
CVE-2023-31437 was published Jun 13, 2023
A vulnerability in the Connectivity Fault Management (CFM) feature of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2023-20233 was published Sep 13, 2023
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to... Moderate Unreviewed
CVE-2023-42143 was published Jan 23, 2024
AsyncSSH Rogue Extension Negotiation Moderate
CVE-2023-46445 was published for asyncssh (pip) Nov 9, 2023
TrueSkrillor lambdafu
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a... Moderate Unreviewed
CVE-2023-31439 was published Jun 13, 2023
An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then... Moderate Unreviewed
CVE-2023-31438 was published Jun 13, 2023
An Improper Validation of Integrity Check Value in Zscaler Client Connector on Windows allows an... Moderate Unreviewed
CVE-2023-28802 was published Nov 21, 2023
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through... Moderate Unreviewed
CVE-2023-28002 was published Nov 14, 2023
OpenZeppelin Contracts using MerkleProof multiproofs may allow proving arbitrary leaves for specific trees Moderate
CVE-2023-34459 was published for @openzeppelin/contracts (npm) Jun 19, 2023
A vulnerability was found in ICEPAY REST-API-NET 0.9. It has been declared as problematic.... Moderate Unreviewed
CVE-2016-15028 was published Mar 12, 2023
The use of the cyclic redundancy check (CRC) algorithm for integrity check during firmware update... Moderate Unreviewed
CVE-2023-23119 was published Feb 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database