GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,476

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

332 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The... High Unreviewed

CVE-2022-32252 was published Jun 15, 2022

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server... Critical Unreviewed

CVE-2022-31813 was published Jun 10, 2022

An issue was discovered in certain Verbatim drives through 2022-03-31. Due to missing integrity... Moderate Unreviewed

CVE-2022-28385 was published Jun 9, 2022

Lack of root file system integrity checking in Fortinet FortiOS VM application images all... Moderate Unreviewed

CVE-2019-5587 was published May 24, 2022

When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently... High Unreviewed

CVE-2021-26315 was published May 24, 2022

The npm ci command in npm 7.x and 8.x through 8.1.3 proceeds with an installation even if... Critical Unreviewed

CVE-2021-43616 was published May 24, 2022

FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted... Moderate Unreviewed

CVE-2020-23906 was published May 24, 2022

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability.... Moderate Unreviewed

CVE-2021-22460 was published May 24, 2022

The move_uploaded_file function in godomall5 does not perform an integrity check of extension or... High Unreviewed

CVE-2021-26610 was published May 24, 2022

The programmer installation utility does not perform a cryptographic authenticity or integrity... Moderate Unreviewed

CVE-2021-38396 was published May 24, 2022

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using... Moderate Unreviewed

CVE-2021-22947 was published May 24, 2022

Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode... Moderate Unreviewed

CVE-2021-34572 was published May 24, 2022

An arbitrary file download and execution vulnerability was found in the HShell.dll of handysoft... Critical Unreviewed

CVE-2021-26608 was published May 24, 2022

A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows... High Unreviewed

CVE-2020-19769 was published May 24, 2022

A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows... High Unreviewed

CVE-2020-19768 was published May 24, 2022

A vulnerability in Base Software for SoftControl allows an attacker to insert and run arbitrary... Critical Unreviewed

CVE-2020-24672 was published May 24, 2022

The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV... Moderate Unreviewed

CVE-2021-40491 was published May 24, 2022

An Insufficient Verification of Data Authenticity vulnerability in B. Braun SpaceCom2 prior to... Critical Unreviewed

CVE-2021-33885 was published May 24, 2022

A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series... High Unreviewed

CVE-2021-1586 was published May 24, 2022

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker... High Unreviewed

CVE-2021-31228 was published May 24, 2022

wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant... Moderate Unreviewed

CVE-2021-38597 was published May 24, 2022

A ZTE's product of the transport network access layer has a security vulnerability. Because the... Moderate Unreviewed

CVE-2021-21739 was published May 24, 2022

A component of the HarmonyOS has a Insufficient Verification of Data Authenticity vulnerability.... Moderate Unreviewed

CVE-2021-22419 was published May 24, 2022

Dell EMC PowerFlex, v3.5.x contain a Cross-Site WebSocket Hijacking Vulnerability in the... Moderate Unreviewed

CVE-2021-21588 was published May 24, 2022

PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a... High Unreviewed

CVE-2021-36367 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

332 advisories